CVE-2026-34872
Received Received - Intake
Contributory Behavior Flaw in Mbed TLS FFDH Enables MITM Attack

Publication date: 2026-04-01

Last updated on: 2026-04-03

Assigner: MITRE

Description
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-01
Last Modified
2026-04-03
Generated
2026-06-16
AI Q&A
2026-04-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-34872
EUVD
EUVD-2026-18021
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
arm mbed_tls to 3.6.6 (exc)
arm tf-psa-crypto 1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-34872 is a vulnerability in Mbed TLS related to the Finite Field Diffie-Hellman (FFDH) key exchange. It occurs due to improper input validation, which causes a lack of contributory behavior in the FFDH implementation. This means that during the cryptographic key exchange, the other party can force the shared secret into a small set of values, weakening the security of the protocol.

This issue affects Mbed TLS versions 3.5.x and 3.6.x through 3.6.5, as well as TF-PSA-Crypto 1.0. The attack can be carried out by the peer or, depending on the protocol, by an active network attacker such as a man-in-the-middle.

Impact Analysis

This vulnerability can undermine the security guarantees of protocols that depend on contributory behavior in the Finite Field Diffie-Hellman key exchange. An attacker can force the shared secret into a limited set of values, potentially allowing them to predict or influence cryptographic keys.

Such an attack could be performed by a peer or an active network attacker (man-in-the-middle), which could lead to compromised confidentiality and integrity of communications relying on the affected cryptographic implementation.

However, it is noted that this issue does not affect TLS protocols, which do not depend on contributory behavior in this context.

Mitigation Strategies

The vulnerability arises from improper input validation in the Finite Field Diffie-Hellman (FFDH) implementation in affected versions of Mbed TLS and TF-PSA-Crypto.

Immediate mitigation steps would typically include updating to a fixed version of the affected libraries once available, or applying any patches or workarounds provided by the vendor.

Since specific fixes or workarounds are not detailed in the provided resources, it is recommended to monitor official Mbed TLS security advisories and update your cryptographic libraries accordingly to ensure the vulnerability is addressed.

Compliance Impact

The provided information does not specify how the vulnerability in Mbed TLS related to Finite Field Diffie-Hellman (FFDH) affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34872. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart