PT-2023-25848 · Wolfssl · Wolfssl

Johannes · Published 2023-07-17 · Updated 2023-07-28 · CVE-2023-3724

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: wolfSSL (affected versions not specified)
Description: When a TLS 1.3 client connects to a malicious server and receives neither a PSK (pre-shared key) extension nor a KSE (key share extension), it falls back to a default, predictable buffer as the IKM (input keying material) fed into the key schedule. Because every other input to the key schedule (the handshake transcript) is visible on the wire, the derived session secrets become reconstructable by an eavesdropper, who can then read or tamper with the session contents. The issue does not weaken the client's validation of the server certificate and does not expose any private key material; its effect is an insecure TLS 1.3 session with a server that withholds both extensions.
Recommendations: Update to a wolfSSL release that contains the fix for CVE-2023-3724. As a temporary workaround, restrict TLS 1.3 client connections to trusted servers, since the condition is only triggered by a server that deliberately omits both the key share and the pre-shared key extension.
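To make the description concrete, the following Python model of the TLS 1.3 key schedule (RFC 8446 section 7.1, HKDF from RFC 5869) is an added example; it is not wolfSSL code and not part of the advisory. It derives the client handshake traffic secret from the PSK and (EC)DHE inputs, substituting an all-zero buffer for whichever input is absent. The all-zero value, the transcript bytes and the "secret" PSK/ECDHE values are constructed assumptions; the point is only that an observer who can predict the IKM can rerun the schedule from the public transcript. The `hardened_client_hs_traffic_secret` function shows the check a client should make (abort when neither extension arrived); it is a hypothetical illustration, not a description of wolfSSL's actual patch.

```python
"""Illustrative TLS 1.3 key-schedule model (RFC 8446 section 7.1).
Added example: not wolfSSL code, not from the advisory."""
import hashlib
import hmac
import struct
from typing import Optional

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size          # 32 bytes for SHA-256
ZEROS = b"\x00" * HASH_LEN             # assumption: models the "predictable buffer"


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM); empty salt means zeros."""
    if not salt:
        salt = ZEROS
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446 section 7.1): HkdfLabel = length | "tls13 "+label | context."""
    full_label = b"tls13 " + label
    hkdf_label = (struct.pack("!H", length)
                  + bytes([len(full_label)]) + full_label
                  + bytes([len(context)]) + context)
    return hkdf_expand(secret, hkdf_label, length)


def derive_secret(secret: bytes, label: bytes, transcript: bytes) -> bytes:
    """Derive-Secret(Secret, Label, Messages) uses Hash(Messages) as the context."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HASH_LEN)


def client_hs_traffic_secret(psk: Optional[bytes], ecdhe: Optional[bytes],
                             transcript: bytes) -> bytes:
    """Early Secret -> Handshake Secret -> client_handshake_traffic_secret.

    RFC 8446 substitutes zeros for an absent PSK. The advisory describes the
    client also falling back to a predictable buffer when no key_share arrives;
    ZEROS stands in for that buffer here (assumption: only its predictability
    matters, not its actual contents)."""
    early_secret = hkdf_extract(b"", psk if psk is not None else ZEROS)
    salt = derive_secret(early_secret, b"derived", b"")
    handshake_secret = hkdf_extract(salt, ecdhe if ecdhe is not None else ZEROS)
    return derive_secret(handshake_secret, b"c hs traffic", transcript)


def eavesdropper_recompute(transcript: bytes) -> bytes:
    """A passive observer sees only the transcript, but can still run the
    schedule by assuming both IKM inputs took the predictable value."""
    return client_hs_traffic_secret(None, None, transcript)


def hardened_client_hs_traffic_secret(psk: Optional[bytes], ecdhe: Optional[bytes],
                                      transcript: bytes) -> bytes:
    """Hypothetical client-side check (not wolfSSL's patch): with neither a
    pre_shared_key nor a key_share from the server there is no secret IKM,
    so abort the handshake instead of deriving keys from a predictable buffer."""
    if psk is None and ecdhe is None:
        raise ValueError("server sent neither pre_shared_key nor key_share; aborting")
    return client_hs_traffic_secret(psk, ecdhe, transcript)


# Constructed sample data. The transcript is public on the wire; the PSK and
# ECDHE values model secrets an observer does not know.
TRANSCRIPT = b"ClientHello|ServerHello(no key_share, no pre_shared_key)"
SECRET_ECDHE = hashlib.sha256(b"constructed x25519 shared secret").digest()
SECRET_PSK = hashlib.sha256(b"constructed external PSK").digest()


def demo() -> dict:
    """For each server behaviour, does the observer's recomputation match the client?"""
    guess = eavesdropper_recompute(TRANSCRIPT)
    return {
        "no_psk_no_kse": guess == client_hs_traffic_secret(None, None, TRANSCRIPT),
        "kse_only": guess == client_hs_traffic_secret(None, SECRET_ECDHE, TRANSCRIPT),
        "psk_only": guess == client_hs_traffic_secret(SECRET_PSK, None, TRANSCRIPT),
    }


if __name__ == "__main__":
    print(demo())   # only the no_psk_no_kse case lets the observer recover the secret
```

Only the case where the server sends neither extension lets the observer land on the client's secret; a secret key share (normal (EC)DHE) or a secret PSK (psk_ke mode, where RFC 8446 legitimately uses zeros for the (EC)DHE input) keeps the schedule unpredictable. That is why the correct client behaviour is to abort rather than substitute a default IKM.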

Tags: Fix · RCE · Improper Certificate Validation

(The description above supports loss of session confidentiality and integrity through predictable keying material; it does not describe remote code execution, and it states explicitly that server certificate validation is unaffected.)

Weakness Enumeration

Related Identifiers: AZL-27649, CVE-2023-3724

Affected Products: Wolfssl