Executive Summary

CVE-2026-3503 is a fault injection vulnerability in the post-quantum cryptographic implementations ML-KEM (Kyber) and ML-DSA (Dilithium) within the wolfSSL library. It affects wolfCrypt on ARM Cortex-M microcontrollers. The vulnerability allows a physical attacker to induce transient faults that corrupt or redirect seed or pointer values during the Keccak-based expansion process, compromising key material or cryptographic outcomes.

The issue arises because the protection mechanisms in these cryptographic algorithms can be bypassed through fault attacks, which manipulate internal buffers or pointers to cause incorrect cryptographic computations.

Useful 0 Not Useful 0

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability can allow a physical attacker with access to the device to compromise sensitive cryptographic key material or cause incorrect cryptographic results. This can lead to unauthorized decryption, signature forgery, or other cryptographic failures, undermining the security guarantees of the system using wolfSSL's post-quantum algorithms."}, {'type': 'paragraph', 'content': 'Such an attack could result in loss of confidentiality, integrity, and authenticity of data protected by these cryptographic primitives.'}] [1]

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves fault injection attacks on post-quantum cryptographic implementations in wolfSSL on ARM Cortex-M microcontrollers. Detection typically requires monitoring for signs of induced transient faults or corrupted cryptographic operations at the hardware or firmware level.

Since the issue is related to physical fault injection and pointer/seed corruption during cryptographic operations, there are no specific network commands to detect it directly.

However, enabling fault hardening in the wolfSSL build (using the `--enable-faultharden` configuration option) introduces internal checks that can detect pointer tampering and buffer corruption during cryptographic operations. Monitoring logs or error reports from these internal checks can help identify exploitation attempts.

For system-level detection, you may consider using hardware debugging tools or fault injection detection mechanisms specific to your ARM Cortex-M microcontroller platform.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, immediately update your wolfSSL library to version 5.9.0 or later, which includes patches that harden the ML-KEM (Kyber) and ML-DSA (Dilithium) implementations against fault injection attacks.

• Rebuild wolfSSL with the `--enable-faultharden` configuration option enabled to activate the fault hardening features.
• Ensure that the updated wolfSSL source files (`wc_mlkem.c`, `dilithium.c`, and `sha3.c`) with the fault hardening patches are applied.
• Deploy the updated and hardened wolfSSL library on all affected ARM Cortex-M microcontroller devices.

Additionally, consider implementing physical security measures to prevent fault injection attacks, such as shielding and tamper detection on the hardware.

Useful 0 Not Useful 0