Security Vulnerability Report
CVE-2026-34582 CVSS 9.1 CRITICAL

CVE-2026-34582

Published: 2026-04-07 22:16:23
Last Modified: 2026-04-17 20:31:28

Description

Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can be bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1.
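As an added illustration (not Botan's code and not from the advisory), a minimal Python model of the server-side TLS 1.3 state machine after the server has sent its own Finished: the check an affected version lacked is that no ApplicationData record may be acted upon until the client's Finished has been verified, and, when client certificates are required, the client's Certificate and CertificateVerify must precede that Finished. The enforce_finished flag is hypothetical and exists only to contrast the two behaviours; Finished MAC verification and record decryption are assumed to succeed and are not modelled.

```python
from enum import Enum, auto

class Msg(Enum):
    CERTIFICATE = auto()         # client Certificate; payload is the cert bytes (may be empty)
    CERTIFICATE_VERIFY = auto()  # signature proving possession of the certificate key
    FINISHED = auto()            # client Finished; completes the handshake
    APP_DATA = auto()            # an ApplicationData record

class ServerState:
    """Server that has already sent ServerHello ... Finished and awaits the client."""
    def __init__(self, require_client_cert, enforce_finished=True):
        self.require_client_cert = require_client_cert
        self.enforce_finished = enforce_finished  # False models the pre-3.11.1 behaviour (hypothetical flag)
        self.cert_nonempty = False
        self.got_cert = self.got_verify = self.handshake_complete = False
        self.accepted = []  # application data the server acted upon

    def receive(self, msg, payload=None):
        if self.handshake_complete and msg is not Msg.APP_DATA:
            raise ValueError("handshake message after handshake completion")
        if msg is Msg.CERTIFICATE:
            if self.got_cert:
                raise ValueError("duplicate Certificate")
            self.got_cert, self.cert_nonempty = True, bool(payload)
        elif msg is Msg.CERTIFICATE_VERIFY:
            if not self.cert_nonempty or self.got_verify:
                raise ValueError("unexpected CertificateVerify")
            self.got_verify = True
        elif msg is Msg.FINISHED:
            if self.cert_nonempty and not self.got_verify:
                raise ValueError("Certificate without CertificateVerify")
            if self.require_client_cert and not self.cert_nonempty:
                raise ValueError("client authentication required")
            self.handshake_complete = True  # Finished MAC assumed verified here
        elif msg is Msg.APP_DATA:
            # The missing check: only deliver application data once the client's Finished is in.
            if self.enforce_finished and not self.handshake_complete:
                raise ValueError("ApplicationData before client Finished")
            self.accepted.append(payload)
            return "delivered"
        return "ok"

def premature_app_data(enforce_finished):
    """Client skips Certificate, CertificateVerify and Finished and sends data at once."""
    srv = ServerState(require_client_cert=True, enforce_finished=enforce_finished)
    try:
        return srv.receive(Msg.APP_DATA, b"constructed sample request")
    except ValueError as err:
        return str(err)
```

With enforce_finished=False the constructed request is delivered to an unauthenticated client, which is the reported outcome; with the check in place the record is rejected.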

CVSS Details

CVSS Score: 9.1
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:* - VULNERABLE
Botan < 3.11.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# This is a conceptual Proof of Concept (PoC) to demonstrate the vulnerability logic.
# It requires a vulnerable version of Botan library ( < 3.11.1).
# Since this is a library flaw, actual exploitation involves modifying the TLS handshake flow.
import socket
import ssl

# Conceptual PoC: Attacker attempts to send Application Data before Finished
# Note: Standard Python ssl library enforces RFC compliance, so this PoC
# illustrates the *intent* of the exploit flow rather than a working script.
def exploit_vulnerable_tls(target_host, target_port):
    print(f"[+] Connecting to {target_host}:{target_port}...")
    # In a real exploit using the vulnerable Botan library:
    # 1. Establish TCP connection
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((target_host, target_port))
    # 2. Send ClientHello
    # send_client_hello(sock)
    # 3. Receive ServerHello, CertificateRequest, etc.
    # server_msgs = receive_server_messages(sock)
    # 4. VULNERABILITY TRIGGER:
    # Instead of sending Certificate, CertificateVerify, and Finished,
    # the client sends Application Data immediately.
    print("[!] Skipping Certificate and Finished messages...")
    print("[!] Sending Application Data prematurely...")
    # malicious_payload = create_http_request("/admin/delete")
    # send_record(sock, CONTENT_APPLICATION_DATA, malicious_payload)
    # If vulnerable, the server processes the request without authenticating the client.
    print("[+] Exploit logic executed. Check server response.")
    sock.close()

if __name__ == "__main__":
    # This is a placeholder for demonstration
    # exploit_vulnerable_tls("127.0.0.1", 443)
    pass

References

https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g (Vendor Advisory, Mitigation)
Record Data (NVD JSON, laid out for reading)

CVE ID: CVE-2026-34582
Published: 2026-04-07T22:16:22.810
Last Modified: 2026-04-17T20:31:27.753
Status: Analyzed
Weakness (Primary): CWE-841

CVSS 3.1 (Primary)
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  Base score: 9.1 CRITICAL (exploitability score 3.9, impact score 5.2)
  Attack vector NETWORK, attack complexity LOW, privileges required NONE, user interaction NONE, scope UNCHANGED; confidentiality HIGH, integrity HIGH, availability NONE

CVSS 4.0 (Secondary)
  Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  Base score: 8.7 HIGH
  Attack vector NETWORK, attack complexity LOW, attack requirements NONE, privileges required NONE, user interaction NONE; vulnerable system confidentiality NONE, integrity HIGH, availability NONE; subsequent system confidentiality NONE, integrity NONE, availability NONE; all threat, environmental and supplemental metrics NOT_DEFINED

Configuration (operator OR, vulnerable)
  cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
  versionStartIncluding 3.0.0, versionEndIncluding 3.11.0
  matchCriteriaId 25A3A356-B073-49F5-BC6C-959E42E1D4F7

Reference
  https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g (Vendor Advisory, Mitigation)