CVE-2022-25640

HIGH

wolfssl < 5.2.0 - Improper Certificate Validation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-25640. PoCs published by dim0x69.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-25640, a vulnerability in wolfSSL before 5.2 that allows a client to bypass mutual authentication in TLS 1.3 connections. The exploit uses Scapy to craft malicious TLS handshake packets.

Description

In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate.

Exploits (1)

nomisec WORKING POC 2 stars

by dim0x69 · poc

https://github.com/dim0x69/cve-2022-25640-exploit

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2022-25640, a vulnerability in wolfSSL before 5.2 that allows a client to bypass mutual authentication in TLS 1.3 connections. The exploit uses Scapy to craft malicious TLS handshake packets.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: wolfSSL < 5.2

No auth needed

Prerequisites: Network access to a vulnerable wolfSSL server · Scapy installed

MITRE ATT&CK

T1557 - Adversary-in-the-Middle

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Third Party Advisory x_refsource_misc

https://github.com/wolfSSL/wolfssl/pull/4831

Scores

CVSS v3 7.5

EPSS 0.0133

EPSS Percentile 67.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-295

Status published

Products (1)

wolfssl/wolfssl < 5.2.0

Published Feb 24, 2022

Tracked Since Feb 18, 2026