#VU112447 Unchecked Return Value in mbed TLS - CVE-2025-49600


Vulnerability identifier: #VU112447

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-49600

CWE-ID: CWE-252

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
mbed TLS
Universal components / Libraries / Libraries used by multiple products

Vendor: ARM

Description

The vulnerability allows a remote attacker to bypass signature verification.

The vulnerability exists due to unchecked return value in mbedtls_lms_verify(). A remote attacker can bypass LMS signature verification process.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

mbed TLS: 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.5.2, 3.6.0, 3.6.1, 3.6.2, 3.6.3

External links
https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-3.md

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Fedora EPEL 10.0 update for mbedtls
Fedora EPEL 10.1 update for mbedtls
Fedora 42 update for mbedtls
Multiple vulnerabilities in ARM mbed TLS