Use of Default Cryptographic Key in otp - CVE-2026-54887
Published: July 2, 2026
otp
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass DTLS address verification.
The vulnerability exists because the DTLS cookie handling uses a default cryptographic key during server startup, before the first cookie secret rotation, when processing a plaintext ClientHello. A remote attacker can compute a valid cookie from that default key and submit it to bypass DTLS address verification.
The issue is limited to the startup window before the first secret rotation (approximately 0 to 15 seconds) and requires that the attacker observe the plaintext ClientHello contents.
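The startup window described above, as an added illustration in Python (not OTP's own code) of why the cookie secret must be unpredictable from the very first ClientHello: a stateless cookie is bound to the client address and the ClientHello, so anyone holding the secret who has seen the plaintext ClientHello can recompute it, and the mitigation is to draw the secret from a CSPRNG at construction time and keep one previous secret across rotation. The cookie construction (HMAC over address and ClientHello, in the style RFC 6347 suggests) and the rotation scheme are assumptions, and the default secret value is a constructed placeholder, not any implementation's real value.

```python
import hashlib
import hmac
import secrets

# Constructed placeholder standing in for a fixed, well-known default secret.
# It is NOT the value used by any real implementation.
DEFAULT_SECRET = b"\x00" * 32


def compute_cookie(secret: bytes, client_addr: tuple, client_hello: bytes) -> bytes:
    """Stateless cookie: HMAC-SHA256 over the client's address and its ClientHello.
    With a known secret and the plaintext ClientHello the value is reproducible,
    so the secret must be unpredictable from the moment the server starts."""
    host, port = client_addr
    mac = hmac.new(secret, digestmod=hashlib.sha256)
    mac.update(host.encode())
    mac.update(port.to_bytes(2, "big"))
    mac.update(client_hello)
    return mac.digest()


def is_default_secret(secret: bytes) -> bool:
    """Startup self-check: a server must never run with the placeholder secret."""
    return hmac.compare_digest(secret, DEFAULT_SECRET)


class CookieSecrets:
    """Hardened cookie state (assumed design): a fresh CSPRNG secret exists from
    construction, so there is no window in which a well-known value is in use,
    and rotation keeps one previous secret so in-flight handshakes still verify."""

    def __init__(self) -> None:
        self.current = secrets.token_bytes(32)
        self.previous = None
        assert not is_default_secret(self.current)

    def rotate(self) -> None:
        """Called on the rotation schedule (e.g. every 15 seconds by a timer)."""
        self.previous, self.current = self.current, secrets.token_bytes(32)

    def issue(self, client_addr: tuple, client_hello: bytes) -> bytes:
        return compute_cookie(self.current, client_addr, client_hello)

    def verify(self, client_addr: tuple, client_hello: bytes, cookie: bytes) -> bool:
        """Accept the cookie under the current or the immediately previous secret;
        a cookie computed under any other key (including the default) is rejected."""
        for secret in (self.current, self.previous):
            if secret is not None and hmac.compare_digest(
                compute_cookie(secret, client_addr, client_hello), cookie
            ):
                return True
        return False
```

A server that instead initialises `current` to `DEFAULT_SECRET` and only replaces it on the first timer tick exposes exactly the window the advisory describes; `is_default_secret` is the check that catches that state at startup.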