CVE-2026-3230

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.

CVSS v3 2.7 LOW

2.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/wolfSSL/wolfssl/pull/9754	Patch Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

History

26 Mar 2026, 18:33

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 2.7
CPE		cpe:2.3:a:wolfssl:wolfssl::::::::
First Time		Wolfssl Wolfssl wolfssl
Summary		(es) Falta un paso criptográfico requerido en la lógica de handshake HelloRetryRequest del cliente TLS 1.3 en wolfSSL podría llevar a un compromiso en la confidencialidad de las comunicaciones protegidas por TLS a través de un HelloRetryRequest manipulado seguido de un mensaje ServerHello que omite la extensión key_share requerida, resultando en la derivación de secretos de tráfico predecibles a partir del secreto compartido (EC)DHE. Este problema no afecta la autenticación del cliente del servidor durante los handshakes TLS.
References	~~() https://github.com/wolfSSL/wolfssl/pull/9754 -~~	() https://github.com/wolfSSL/wolfssl/pull/9754 - Patch, Issue Tracking

19 Mar 2026, 21:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-19 21:17

Updated : 2026-03-26 18:33

NVD link : CVE-2026-3230

Mitre link : CVE-2026-3230

CVE.ORG link : CVE-2026-3230

JSON object : View

Products Affected

wolfssl

wolfssl

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2026-3230", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.2}], "cvssMetricV40": [{"type": "Secondary", "source": "facts@wolfssl.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 1.2, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:X/U:Clear", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "CLEAR", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-19T21:17:12.483", "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/9754", "tags": ["Patch", "Issue Tracking"], "source": "facts@wolfssl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "facts@wolfssl.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes."}, {"lang": "es", "value": "Falta un paso criptogr\u00e1fico requerido en la l\u00f3gica de handshake HelloRetryRequest del cliente TLS 1.3 en wolfSSL podr\u00eda llevar a un compromiso en la confidencialidad de las comunicaciones protegidas por TLS a trav\u00e9s de un HelloRetryRequest manipulado seguido de un mensaje ServerHello que omite la extensi\u00f3n key_share requerida, resultando en la derivaci\u00f3n de secretos de tr\u00e1fico predecibles a partir del secreto compartido (EC)DHE. Este problema no afecta la autenticaci\u00f3n del cliente del servidor durante los handshakes TLS."}], "lastModified": "2026-03-26T18:33:37.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA3FA1CB-CEDC-4D49-9ECD-99BBF1602312", "versionEndExcluding": "5.9.0"}], "operator": "OR"}]}], "sourceIdentifier": "facts@wolfssl.com"}