CVE-2025-52496 — Compiler Optimization Removal or Modification of Security-critical Code in Mbedtls

CWE-733 — Compiler Optimization Removal or Modification of Security-critical Code9 documents8 sources

Severity

7.8HIGHNVD

OSV9.8

EPSS

0.0%

top 88.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mbed Mbedtls ARM Mbed TLS

Timeline

PublishedJul 4

Latest updateMar 25

Description

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 1.4 | Impact: 5.8

Affected Packages4 packages

▶CVEListV5mbed/mbedtls< 3.6.4

▶NVDarm/mbed_tls< 3.6.4

▶Debianmbed/mbedtls< 2.16.9-0.1+deb11u2+2

▶Ubuntumbed/mbedtls< 2.8.0-1ubuntu0.1~esm1+3

🔴Vulnerability Details

OSV

mbedtls vulnerabilities↗2026-03-25

▶

OSV

CVE-2025-52496: Mbed TLS before 3↗2025-07-04

▶

GHSA

GHSA-qc26-g9mm-wmmf: Mbed TLS before 3↗2025-07-04

▶

CVEList

CVE-2025-52496: Mbed TLS before 3↗2025-07-04

▶

📋Vendor Advisories

Ubuntu

Mbed TLS vulnerabilities↗2026-03-25

▶

Microsoft

▶

Debian

CVE-2025-52496: mbedtls - Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compile...↗2025

▶

💬Community

Bugzilla

CVE-2025-52496 micropython: Mbed TLS AESNI Race Condition Vulnerability [fedora-all]↗2025-07-07

▶