Security Vulnerability Report
CVE-2026-1677 CVSS 5.3 MEDIUM

CVE-2026-1677

Published: 2026-05-11 06:16:09
Last Modified: 2026-05-11 18:16:31

Description

Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS (e.g. via `mbedtls_ssl_conf_min_tls_version`). The ClientHello advertises both versions and the peer can establish TLS 1.2, so applications that assumed `IPPROTO_TLS_1_3` enforces TLS 1.3 may silently use TLS 1.2 and remain exposed to TLS 1.2-specific weaknesses. As a workaround, the `TLS_CIPHERSUITE_LIST` socket option can be restricted to TLS 1.3-only cipher suites.
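The workaround named above, as an added example that is neither Zephyr's code nor part of this report: validate a cipher suite list before installing it with `TLS_CIPHERSUITE_LIST`, so that no TLS 1.2 suite slips into a socket that was created with `IPPROTO_TLS_1_3`. It assumes `TLS_CIPHERSUITE_LIST` takes an `int` array of mbedTLS cipher suite IDs, that mbedTLS 3.x's `MBEDTLS_TLS1_3_*` values equal the IANA code points, and that `is_tls13_suite`, `ciphersuite_list_is_tls13_only` and `pin_socket_to_tls13` are names chosen here.

```c
#include <stddef.h>
#include <stdbool.h>

#ifdef __ZEPHYR__
#include <zephyr/net/socket.h>   /* SOL_TLS, TLS_CIPHERSUITE_LIST */
#endif

/* IANA TLS 1.3 cipher suite code points (RFC 8446, Appendix B.4) run from
 * 0x1301 (AES_128_GCM_SHA256) to 0x1305 (AES_128_CCM_8_SHA256); mbedTLS 3.x
 * MBEDTLS_TLS1_3_* defines use the same values. TLS 1.2 suites (e.g. 0xC02B,
 * ECDHE-ECDSA-AES128-GCM-SHA256) all lie outside that range. */
bool is_tls13_suite(int id)
{
    return id >= 0x1301 && id <= 0x1305;
}

/* True only for a non-empty list with no TLS 1.2 entry: a single TLS 1.2
 * suite is enough for the ClientHello to keep offering TLS 1.2. */
bool ciphersuite_list_is_tls13_only(const int *list, size_t count)
{
    if (list == NULL || count == 0) {
        return false;
    }
    for (size_t i = 0; i < count; i++) {
        if (!is_tls13_suite(list[i])) {
            return false;
        }
    }
    return true;
}

/* The advisory's workaround: install a TLS 1.3-only list on a socket created
 * with IPPROTO_TLS_1_3 before connect(). Returns 0 on success, -1 if the list
 * is rejected or setsockopt() fails. Off Zephyr (no SOL_TLS) only the
 * validation runs. */
int pin_socket_to_tls13(int sock, const int *list, size_t count)
{
    if (!ciphersuite_list_is_tls13_only(list, count)) {
        return -1;
    }
#ifdef __ZEPHYR__
    if (setsockopt(sock, SOL_TLS, TLS_CIPHERSUITE_LIST, list,
                   count * sizeof(int)) < 0) {
        return -1;
    }
#else
    (void)sock;
#endif
    return 0;
}
```

Call `pin_socket_to_tls13()` right after `socket(AF_INET, SOCK_STREAM, IPPROTO_TLS_1_3)` and before `connect()`, and treat a -1 return as a configuration error rather than continuing with the default list.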

CVSS Details

CVSS Score: 5.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability Score: 3.9
Impact Score: 1.4
Weakness: CWE-757

Configurations (Affected Products)

No configuration data available.

Zephyr RTOS (refer to GHSA-23r2-m5wx-4rvq for the specific affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
C
/*
 * PoC Concept: Demonstrating the configuration issue where
 * IPPROTO_TLS_1_3 does not enforce TLS 1.3 only.
 * Environment: Zephyr RTOS with mbedTLS.
 */
#include <stdio.h>
#include <string.h>
#include <zephyr/net/socket.h>
#include <zephyr/kernel.h>

void demonstrate_tls_downgrade(void)
{
    int sock;
    struct sockaddr_in addr;

    // 1. Create a socket intending to use only TLS 1.3
    // Vulnerability: The flag IPPROTO_TLS_1_3 is passed,
    // but mbedTLS may still allow TLS 1.2 negotiation.
    sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TLS_1_3);
    if (sock < 0) {
        return;
    }

    // 2. Configure server address (e.g., a malicious server supporting TLS 1.2)
    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons(443);
    inet_pton(AF_INET, "192.168.1.10", &addr.sin_addr);

    // 3. Initiate connection
    // If the server selects TLS 1.2, the connection succeeds,
    // violating the application's assumption of TLS 1.3 exclusivity.
    int ret = connect(sock, (struct sockaddr *)&addr, sizeof(addr));
    if (ret == 0) {
        // Connection established. Check actual TLS version.
        // In a vulnerable build, this might be TLS 1.2.
        printf("Connection established. Verify protocol version.\n");
    }
    close(sock);
}

References

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-23r2-m5wx-4rvq