Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

tf-psa-crypto

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

5
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2025-66442
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 7.37%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-03 Apr, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.

Action-Not Available
Vendor-n/aArm Limited
Product-mbed_tlstf-psa-crypton/a
CWE ID-CWE-385
Covert Timing Channel
CVE-2026-25835
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.7||HIGH
EPSS-0.02% / 3.94%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-05 Jun, 2026 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).

Action-Not Available
Vendor-trustedfirmwaren/aArm Limited
Product-mbed_tlstf-psa-crypton/a
CWE ID-CWE-335
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
CVE-2026-34871
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.86%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-05 Jun, 2026 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

Action-Not Available
Vendor-trustedfirmwaren/aArm Limited
Product-mbed_tlstf-psa-crypton/a
CWE ID-CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CVE-2026-34872
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.01% / 1.36%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-03 Apr, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).

Action-Not Available
Vendor-n/aArm Limited
Product-mbed_tlstf-psa-crypton/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2026-34875
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 19.13%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-05 Jun, 2026 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

Action-Not Available
Vendor-trustedfirmwaren/aArm Limited
Product-mbed_tlstf-psa-crypton/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')