CVE-2025-11932
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-12-04
Assigner: wolfSSL Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wolfssl | wolfssl | 5.8.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-203 | The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the server verifying the TLS 1.3 PSK (Pre-Shared Key) binder using a non-constant time method. Because the verification is not done in constant time, it could potentially leak information about the PSK binder, which might be exploited by an attacker to gain knowledge about the key.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to gain partial information about the PSK binder by measuring timing differences during verification. This could weaken the security of the TLS 1.3 connection, potentially allowing attackers to compromise the confidentiality or integrity of communications that rely on the PSK.