Improper certificate validation in mbed TLS - CVE-2025-27809
Published: March 25, 2025
Vulnerability identifier: #VU106010
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Green
CVE-ID: CVE-2025-27809
CWE-ID: CWE-295
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ARM
Affected software:
mbed TLS
mbed TLS
Detailed vulnerability description
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists within the client authentication process during certificate-based authentication. Due to insecure default behavior, if a TLS client application does not call mbedtls_ssl_set_hostname(), the server verification step is skipped. As a result, a remote attacker can supply any valid certificate signed by a trusted CA and perform MitM attack.
How to mitigate CVE-2025-27809
Install updates from vendor's website.