Input validation error in TF-PSA-Crypto and mbed TLS - CVE-2026-54434
Published: July 13, 2026
TF-PSA-Crypto
mbed TLS
Detailed vulnerability description
The vulnerability allows a remote attacker to force the ECDH shared secret to a fixed value.
The vulnerability exists due to improper input validation in the built-in Curve25519 (X25519) ECDH implementation when performing key agreement with PSA_ALG_ECDH. A remote attacker can supply input that results in an all-zero shared secret to force the ECDH shared secret to a fixed value.
Only builds with MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED are vulnerable, and the issue applies to protocols that require contributory behaviour.