Sangsup.Lee

**Name of the Vulnerable Software and Affected Versions** Eclipse tinydtls version 0.8.2 **Description** The issue allows remote attackers to cause a denial of service by sending a "Change cipher spec" packet without pre-handshake, resulting in a DTLS peer crash. **Recommendations** For Eclipse tinydtls version 0.8.2, consider implementing a validation check to ensure that "Change cipher spec" packets are only accepted after a successful pre-handshake. As a temporary workaround, restrict incoming DTLS connections to trusted sources until a patch is available.