Can you explain this vulnerability to me?

CVE-2026-40097 is a vulnerability in Step CA, an online certificate authority used for automated certificate management in DevOps. The issue occurs in versions from 0.24.0 to before 0.30.0-rc3 when processing TPM device attestation during a device-attest-01 ACME challenge.

An attacker can send a specially crafted Attestation Key (AK) certificate that contains an empty Extended Key Usage (EKU) extension. Step CA expects the EKU extension to include a specific OID (tcg-kp-AIKCertificate) and tries to access the first element of the EKU sequence. If the EKU is empty, this causes an index out-of-bounds panic, leading to a crash.

This vulnerability only affects deployments that use TPM device attestation with the device-attest-01 ACME challenge. It is fixed in version 0.30.0-rc3 by adding proper validation to reject empty EKU sequences.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

The primary impact of this vulnerability is a denial of service (DoS) condition. When Step CA processes a crafted AK certificate with an empty EKU extension, it triggers an index out-of-bounds panic, causing the service to crash or become unavailable.

This can disrupt automated certificate management workflows that rely on TPM device attestation, potentially causing downtime or interruptions in certificate issuance and renewal.

The vulnerability has a low severity score (CVSS 3.7) and requires a high attack complexity, as the attacker must craft a specific certificate and the system must be configured to use TPM attestation.

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability occurs when Step CA processes a device-attest-01 ACME challenge using TPM attestation with an Attestation Key (AK) certificate that contains an empty Extended Key Usage (EKU) extension. Detection involves identifying if such malformed AK certificates are being used or accepted by your Step CA deployment.

Since the vulnerability triggers an index out-of-bounds panic during EKU validation, monitoring Step CA logs for panic or crash messages related to EKU processing can help detect exploitation attempts.

To detect vulnerable certificates, you can extract and inspect the EKU extension of AK certificates used in TPM attestation. For example, using OpenSSL commands to examine the EKU extension in certificates involved in device attestation:

• openssl x509 -in <certificate-file> -noout -text | grep -A1 'X509v3 Extended Key Usage'

Look for EKU extensions that are empty or missing the required tcg-kp-AIKCertificate OID (2.23.133.8.3). An empty EKU sequence or absence of this OID indicates a potentially crafted certificate that could trigger the vulnerability.

Additionally, monitoring network traffic for device-attest-01 ACME challenges with TPM attestation enabled can help identify if the vulnerable code path is in use.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation is to upgrade Step CA to version 0.30.0-rc3 or later, where the vulnerability is fixed by adding proper validation to reject AK certificates with empty EKU extensions.

If upgrading is not immediately possible, you should disable or remove any ACME provisioners that use TPM device attestation (device-attest-01) to prevent exploitation.

Monitoring and auditing your certificate issuance and attestation processes to ensure no malformed AK certificates with empty EKU extensions are accepted can also reduce risk.

Useful 0 Not Useful 0

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not include any details on how CVE-2026-40097 affects compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0