Impact
In Erlang/OTP’s ssl application, the client side of tls_gen_connection does not reject APPLICATION_DATA records that arrive before the TLS handshake has completed. An attacker positioned on the network path between client and server can therefore inject plaintext records while the handshake is still in progress; the client buffers them and, once the handshake finishes, hands them to the application as though they were data sent by the authenticated server. The attacker cannot read the client’s responses or otherwise steer the connection, so the impact is limited to blind injection of arbitrary bytes into the client application’s input stream. That can cause data corruption or unintended application behaviour, but it does not by itself give the attacker code execution or remote control of the client.
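The record-layer check at issue can be shown without any real TLS. The following is an added illustration written for this page, not code from Erlang/OTP: a toy client record layer that parses TLS record framing and tracks handshake completion. One flag selects between the flawed behaviour described above (plaintext application_data received mid-handshake is buffered and released to the application after Finished) and the correct behaviour (such a record aborts the connection with an unexpected_message alert). The traffic, the handshake modelling and the class and function names are all constructed for the example; encryption is deliberately omitted.

```python
"""Toy TLS record-layer state machine illustrating the flaw described above.

Everything here is constructed for illustration: there is no real TLS,
no encryption and no Erlang/OTP code. The one point being shown is the
check a client record layer must make: application_data records that
arrive before the handshake has completed must be rejected, not buffered
and later delivered to the application.
"""
import struct

# TLS record content types (RFC 8446, section 5.1).
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE, APPLICATION_DATA = 20, 21, 22, 23
# Handshake message types this model cares about.
SERVER_HELLO, FINISHED = 2, 20
TLS12 = b"\x03\x03"  # legacy_record_version carried on the wire


def record(content_type, payload):
    """Build one TLS record: type (1) || version (2) || length (2) || payload."""
    return bytes([content_type]) + TLS12 + struct.pack("!H", len(payload)) + payload


def handshake_msg(msg_type, body=b""):
    """Handshake message header: msg_type (1) || length (3) || body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def parse_records(data):
    """Split a byte stream into (content_type, payload) records; strict on framing."""
    records, off = [], 0
    while off < len(data):
        if off + 5 > len(data):
            raise ValueError("truncated record header")
        content_type = data[off]
        length = struct.unpack("!H", data[off + 3:off + 5])[0]
        payload = data[off + 5:off + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record payload")
        records.append((content_type, payload))
        off += 5 + length
    return records


class TlsClient:
    """Client-side record layer; reject_early_app_data selects fixed vs flawed behaviour."""

    def __init__(self, reject_early_app_data):
        self.reject_early_app_data = reject_early_app_data
        self.handshake_done = False
        self.early_app_data = []   # the buffer the flawed path keeps
        self.delivered = []        # what the application eventually reads
        self.alert = None          # fatal alert raised, if any

    def feed(self, data):
        for content_type, payload in parse_records(data):
            if self.alert is not None:
                return  # connection already torn down
            if content_type == HANDSHAKE:
                self._on_handshake(payload)
            elif content_type == APPLICATION_DATA:
                self._on_application_data(payload)
            else:
                self.alert = "unexpected_message"  # CCS/alerts not modelled here

    def _on_handshake(self, payload):
        if payload[0] == FINISHED:
            self.handshake_done = True
            # Flawed behaviour: bytes buffered before any keys existed are now handed
            # to the application as if the authenticated server had sent them.
            self.delivered.extend(self.early_app_data)
            self.early_app_data = []

    def _on_application_data(self, payload):
        if self.handshake_done:
            self.delivered.append(payload)       # legitimate; decryption would happen here
        elif self.reject_early_app_data:
            self.alert = "unexpected_message"    # correct: abort the connection
        else:
            self.early_app_data.append(payload)  # flawed: buffer plaintext from anyone


def run_scenario():
    """Replay the same on-path injection against a flawed and a fixed client."""
    # Constructed traffic: ServerHello, an attacker-injected plaintext record while the
    # handshake is still in flight, the server's Finished, then genuine server data.
    stream = (
        record(HANDSHAKE, handshake_msg(SERVER_HELLO, TLS12))
        + record(APPLICATION_DATA, b"INJECTED BY ATTACKER")
        + record(HANDSHAKE, handshake_msg(FINISHED))
        + record(APPLICATION_DATA, b"real server data")
    )
    flawed = TlsClient(reject_early_app_data=False)
    flawed.feed(stream)
    fixed = TlsClient(reject_early_app_data=True)
    fixed.feed(stream)
    return flawed, fixed


if __name__ == "__main__":
    flawed, fixed = run_scenario()
    print("flawed client delivered:", flawed.delivered)
    print("fixed client alert:", fixed.alert, "delivered:", fixed.delivered)
```

Running it shows the flawed client delivering the attacker's bytes first, followed by the genuine server data, exactly the ordering an application would see after a successful handshake; the fixed client never reaches that state because the stray record terminates the connection before Finished is processed.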
Affected Systems
The vulnerability is present in Erlang/OTP 17.0 up to 29.0.3, 28.5.0.3 and 27.3.4.14, corresponding to ssl 5.3.4 up to 11.7.3, 11.6.0.3 and 11.2.12.10. TLS 1.3 connections are affected from OTP 22.0 onward, the release in which TLS 1.3 support was added.
Risk and Exploitability
With a CVSS score of 6.3 the vulnerability is rated medium. Exploitation requires an attacker on the network path to the client who can inject packets while the handshake is in progress; because the attack is blind, the attacker does not need to receive any response from the client. Since the outcome is limited to blind data injection and no EPSS score is available, the likelihood of widespread exploitation is uncertain. The vulnerability is not currently listed in CISA’s KEV catalog.
OpenCVE Enrichment