Description
wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no signer signature has actually been verified, so a PKCS#7 carrying no valid signature is no longer reported as verified. This is enforced regardless of the PKCS7_NOVERIFY flag, which only suppresses signer certificate chain validation and was never intended to waive the requirement that a signature exist. Only affects OpenSSL compatibility builds that call the PKCS7_verify() compatibility API on potentially degenerate PKCS#7 bundles.
Published: 2026-06-25
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A degenerate PKCS#7 bundle containing only certificates and no signer information is incorrectly reported as verified by wolfSSL_PKCS7_verify(). The underlying signed‑data verification succeeds without authenticating any content, effectively allowing an attacker to bypass signature validation. This flaw is classified as CWE-347 and can lead to the acceptance of tampered or malicious data as authentic.

Affected Systems

The issue affects wolfSSL library users building against the OpenSSL compatibility layer that invoke PKCS7_verify() on poten­tially degenerate PKCS#7 bundles. No specific version range is listed, meaning that any OpenSSL‑compatible build of wolfSSL using the affected API without an updated patch is vulnerable.

Risk and Exploitability

With a CVSS score of 8.2 the vulnerability is considered high severity. The EPSS score is not reported, and the vulnerability is not listed in the CISA KEV catalog. An attacker can construct a PKCS#7 bundle containing only certificates and deliver it to an application that trusts wolfSSL's verify output, causing the application to treat the data as authenticated. This can be exploited in remote or local contexts where the application processes untrusted PKCS#7 input. The fix enforces that a signature must exist and is verified even when the PKCS7_NOVERIFY flag is set, thereby removing the bypass.

Generated by OpenCVE AI on June 25, 2026 at 19:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a wolfSSL version that includes the patch from PR 10702.
  • If an upgrade is not immediately possible, configure applications to reject PKCS#7 objects that do not contain at least one signer before calling PKCS7_verify().
  • Validate that the PKCS7_NOVERIFY flag is not used mis‑appropriately and that any custom verification logic includes a signature presence check.

Generated by OpenCVE AI on June 25, 2026 at 19:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4683-1 wolfssl security update
History

Thu, 25 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Wolfssl
Wolfssl wolfssl
Vendors & Products Wolfssl
Wolfssl wolfssl

Thu, 25 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Description wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no signer signature has actually been verified, so a PKCS#7 carrying no valid signature is no longer reported as verified. This is enforced regardless of the PKCS7_NOVERIFY flag, which only suppresses signer certificate chain validation and was never intended to waive the requirement that a signature exist. Only affects OpenSSL compatibility builds that call the PKCS7_verify() compatibility API on potentially degenerate PKCS#7 bundles.
Title wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer
Weaknesses CWE-347
References
Metrics cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-06-25T17:57:46.226Z

Reserved: 2026-06-17T22:10:55.453Z

Link: CVE-2026-55961

cve-icon Vulnrichment

Updated: 2026-06-25T17:57:42.648Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T21:30:11Z

Weaknesses
  • CWE-347

    Improper Verification of Cryptographic Signature