{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3503", "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "state": "PUBLISHED", "assignerShortName": "wolfSSL", "dateReserved": "2026-03-03T22:56:47.976Z", "datePublished": "2026-03-19T18:12:26.909Z", "dateUpdated": "2026-03-19T19:24:36.198Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "shortName": "wolfSSL", "dateUpdated": "2026-03-19T18:12:26.909Z"}, "title": "Fault injection attack with ML-DSA and ML-KEM on ARM", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-335", "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-624", "descriptions": [{"lang": "en", "value": "CAPEC-624 Hardware Fault Injection"}]}], "affected": [{"vendor": "wolfSSL Inc.", "product": "wolfSSL (wolfCrypt)", "platforms": ["ARM"], "collectionURL": "https://github.com/wolfSSL/wolfssl", "packageName": "wolfssl", "repo": "https://github.com/wolfSSL/wolfssl", "modules": ["wolfCrypt", "ML-KEM", "ML-DSA"], "versions": [{"status": "affected", "version": "5.8.2", "lessThan": "5.9.0", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.\n\n\n\n\nThis issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.<br></p><p></p><p>This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.</p><br><p></p>"}]}], "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/9734", "tags": ["x_refsource_CONFIRM"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "PHYSICAL", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 4.3, "vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/U:Amber"}}], "credits": [{"lang": "en", "value": "Hariprasad Kelassery Valsaraj of Temasek Laboratories", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T19:24:29.505763Z", "id": "CVE-2026-3503", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T19:24:36.198Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3503", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-19T19:24:29.505763Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T19:24:32.321Z"}}], "cna": {"title": "Fault injection attack with ML-DSA and ML-KEM on ARM", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Hariprasad Kelassery Valsaraj of Temasek Laboratories"}], "impacts": [{"capecId": "CAPEC-624", "descriptions": [{"lang": "en", "value": "CAPEC-624 Hardware Fault Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.3, "Automatable": "NOT_DEFINED", "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/wolfSSL/wolfssl", "vendor": "wolfSSL Inc.", "modules": ["wolfCrypt", "ML-KEM", "ML-DSA"], "product": "wolfSSL (wolfCrypt)", "versions": [{"status": "affected", "version": "5.8.2", "lessThan": "5.9.0", "versionType": "semver"}], "platforms": ["ARM"], "packageName": "wolfssl", "collectionURL": "https://github.com/wolfSSL/wolfssl", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/9734", "tags": ["x_refsource_CONFIRM"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.\n\n\n\n\nThis issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.", "supportingMedia": [{"type": "text/html", "value": "<p>Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.<br></p><p></p><p>This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.</p><br><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-335", "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)"}]}], "providerMetadata": {"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "shortName": "wolfSSL", "dateUpdated": "2026-03-19T18:12:26.909Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3503", "state": "PUBLISHED", "dateUpdated": "2026-03-19T19:24:36.198Z", "dateReserved": "2026-03-03T22:56:47.976Z", "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "datePublished": "2026-03-19T18:12:26.909Z", "assignerShortName": "wolfSSL"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2A180B2-4508-417E-9A0B-D8FF01125D83", "versionEndExcluding": "5.9.0", "versionStartIncluding": "5.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.\n\n\n\n\nThis issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6."}, {"lang": "es", "value": "Falla del mecanismo de protecci\u00f3n en las implementaciones post-cu\u00e1nticas de wolfCrypt (ML-KEM y ML-DSA) en wolfSSL en microcontroladores ARM Cortex-M permite a un atacante f\u00edsico comprometer material de clave y/o resultados criptogr\u00e1ficos a trav\u00e9s de fallas transitorias inducidas que corrompen o redirigen valores de semilla/puntero durante la expansi\u00f3n basada en Keccak.\n\nEste problema afecta a wolfSSL (wolfCrypt): hash de commit d86575c766e6e67ef93545fa69c04d6eb49400c6."}], "id": "CVE-2026-3503", "lastModified": "2026-04-29T17:28:53.880", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "PHYSICAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "facts@wolfssl.com", "type": "Secondary"}]}, "published": "2026-03-19T19:16:20.570", "references": [{"source": "facts@wolfssl.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/wolfSSL/wolfssl/pull/9734"}], "sourceIdentifier": "facts@wolfssl.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-335"}], "source": "facts@wolfssl.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["arm"], "status": "affected", "versions": {"scheme": "semver", "value": "[5.8.2,5.9.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "wolfSSL (wolfCrypt)", "source": "cna", "vendor": "wolfSSL Inc."}, "product": "wolfcrypt", "vendor": "wolfssl"}], "analysis": {"en": {"generated_at": "2026-03-19T19:50:25.383203+00:00", "value": {"mitigation_remediation": ["Update to a wolfSSL version released after commit d86575c766e6e67ef93545fa69c04d6eb49400c6 or to the latest stable release that addresses this fault injection issue.", "If a patch is not available, apply hardware\u2011level fault detection or shielding to mitigate transient fault attacks on the device.", "Ensure devices are physically secured to prevent unauthorized access or tampering."], "summary": {"action": "Upgrade Software", "impact": "Compromise of cryptographic key material"}, "threat_synthesis": {"affected_systems": "WolfSSL (wolfCrypt) versions prior to commit d86575c766e6e67ef93545fa69c04d6eb49400c6 are affected. No specific version numbers are listed in the data; the commit hash indicates the code base where the flaw exists.", "description_and_impact": "The vulnerability is a fault injection flaw in wolfSSL\u2019s wolfCrypt post\u2011quantum implementations (ML\u2011KEM and ML\u2011DSA) on ARM Cortex\u2011M microcontrollers. A physical attacker can induce transient faults that corrupt or redirect seed or pointer values during the Keccak\u2011based expansion, allowing the attacker to compromise key material or alter cryptographic outcomes. This weakness aligns with CWE\u2011335, fault injection leading to integrity or confidentiality compromise.", "risk_and_exploitability": "The CVSS score of 4.3 indicates low severity, but the exploit requires physical access to the Cortex\u2011M device to perform fault injections, making it a high\u2011effort attack for most adversaries. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog. No publicly documented exploits are known. If physical proximity can be achieved, the attacker could gain access to sensitive keys or influence cryptographic operations, potentially compromising confidentiality or integrity."}}}}, "created": "2026-03-20T08:56:30.859757+00:00", "updated": "2026-03-20T11:06:40.869542+00:00", "vendors": ["wolfssl", "wolfssl$PRODUCT$wolfcrypt"]}