Arm · Mbed Tls · CVE-2017-14032
**Name of the Vulnerable Software and Affected Versions**
mbed TLS versions prior to 1.3.21
mbed TLS versions 2.x prior to 2.1.9
**Description**
The issue allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates, but only if optional authentication is configured.
**Recommendations**
For mbed TLS versions prior to 1.3.21, update to version 1.3.21 or later to resolve the issue.
For mbed TLS versions 2.x prior to 2.1.9, update to version 2.1.9 or later to resolve the issue.