CVE-2018-1000520
HIGHARM mbedTLS < 2.7.0 - Improper Certificate Validation via TLS-ECDH-RSA Ciphersuite
Title source: llmDescription
ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted..
References (1)
Core 1
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/ARMmbed/mbedtls/issues/1561
Scores
CVSS v3
7.5
EPSS
0.0017
EPSS Percentile
37.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-295
Status
published
Products (1)
arm/mbed_tls
< 2.7.0
Published
Jun 26, 2018
Tracked Since
Feb 18, 2026