CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.2 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/Mbed-TLS/mbedtls/releases	Release Notes
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:arm:mbed_tls::::::::
	cpe:2.3:a:trustedfirmware:mbed_tls::::::::

History

05 Jun 2026, 19:38

Type	Values Removed	Values Added
CPE		cpe:2.3:a:trustedfirmware:mbed_tls::::::::
First Time		Trustedfirmware Trustedfirmware mbed Tls

30 Oct 2025, 15:05

Type	Values Removed	Values Added
CPE		cpe:2.3:a:arm:mbed_tls::::::::
First Time		Arm mbed Tls Arm
References	~~() https://github.com/Mbed-TLS/mbedtls/releases -~~	() https://github.com/Mbed-TLS/mbedtls/releases - Release Notes
References	~~() https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/ -~~	() https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/ - Vendor Advisory

27 Mar 2025, 16:45

Type	Values Removed	Values Added
Summary		(es) Mbed TLS anterior a 2.28.10 y 3.x anterior a 3.6.3, en algunos casos de asignación de memoria fallida o errores de hardware, utiliza memoria de pila no inicializada para componer el mensaje TLS Finalizado, lo que puede provocar omisiones de autenticación como repeticiones.

25 Mar 2025, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-25 06:15

Updated : 2026-06-17 09:04

NVD link : CVE-2025-27810

Mitre link : CVE-2025-27810

CVE.ORG link : CVE-2025-27810

JSON object : View

Products Affected

trustedfirmware

mbed_tls

arm

mbed_tls

CWE

CWE-908

Use of Uninitialized Resource

{"id": "CVE-2025-27810", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-27810", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-25T14:36:57.836676Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.2}]}, "affected": [{"source": "cve@mitre.org", "affectedData": [{"vendor": "Mbed", "product": "mbedtls", "versions": [{"status": "affected", "version": "0", "lessThan": "2.28.10", "versionType": "semver"}, {"status": "affected", "version": "3.0.0", "lessThan": "3.6.3", "versionType": "semver"}], "defaultStatus": "unaffected"}]}], "published": "2025-03-25T06:15:41.180", "references": [{"url": "https://github.com/Mbed-TLS/mbedtls/releases", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-908"}]}], "descriptions": [{"lang": "en", "value": "Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays."}, {"lang": "es", "value": "Mbed TLS anterior a 2.28.10 y 3.x anterior a 3.6.3, en algunos casos de asignaci\u00f3n de memoria fallida o errores de hardware, utiliza memoria de pila no inicializada para componer el mensaje TLS Finalizado, lo que puede provocar omisiones de autenticaci\u00f3n como repeticiones."}], "lastModified": "2026-06-17T09:04:15.710", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD0A913D-2765-4EE6-8C44-59214EFCAD03", "versionEndExcluding": "2.28.10"}, {"criteria": "cpe:2.3:a:trustedfirmware:mbed_tls:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8253337-97A1-4B7E-A0D4-31AFBA7A20F6", "versionEndExcluding": "3.6.3", "versionStartIncluding": "3.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}