CVE-2018-1000520 — Improper Certificate Validation in ARM Mbed TLS

CWE-295 — Improper Certificate Validation8 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 81.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ARM Mbed TLS
Timeline
PublishedJun 26
Latest updateMay 13

Description

ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted..

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

â–¶NVDarm/mbed_tls2.7.0

🔴Vulnerability Details

3
GHSA
GHSA-fjhp-rw56-p66f: ARM mbedTLS version 2↗2022-05-13
â–¶
CVEList
CVE-2018-1000520: ARM mbedTLS version 2↗2018-06-26
â–¶
OSV
CVE-2018-1000520: ARM mbedTLS version 2↗2018-06-26
â–¶

📋Vendor Advisories

1
Debian
CVE-2018-1000520: mbedtls - ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly ...↗2018
â–¶

💬Community

3
Bugzilla
CVE-2018-1000520 mbedtls: Allows incorrectly signed certificate↗2018-06-27
â–¶
Bugzilla
CVE-2018-1000520 mbedtls: Allows incorrectly signed certificate [epel-all]↗2018-06-27
â–¶
Bugzilla
CVE-2018-1000520 mbedtls: Allows incorrectly signed certificate [fedora-all]↗2018-06-27
â–¶
CVE-2018-1000520 — Improper Certificate Validation | cvebase