Wolfssl · Wolfssl · CVE-2020-12457
**Name of the Vulnerable Software and Affected Versions**
wolfSSL versions prior to 4.5.0
**Description**
An issue in the TLS 1.3 change cipher spec (CCS) message processing logic can cause a denial of service. If an attacker sends ChangeCipherSpec messages in a specific way, involving more than one in a row, the server becomes stuck in the ProcessReply() loop.
**Recommendations**
For versions prior to 4.5.0, update to version 4.5.0 or later to resolve the issue. As a temporary workaround, consider restricting or disabling TLS 1.3 support until a patch is available.