CVE-2024-5814

Summary

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

Affected Software

VendorProductVersion RangeStatus
wolfSSLwolfSSL0 <= 5.7.0affected

Weaknesses

Workarounds

On client side, use the wolfSSL methods for specific protocol versions instead of the downgrade API.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References