PT-2025-47811 · Wolfssl+1

Published: 2025-11-21 · Updated: 2025-12-16 · CVE-2025-11934

CVSS v3.1: 2.7 (Low)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: wolfSSL versions 5.8.2 and earlier

Description: A flaw exists in the TLS 1.3 CertificateVerify signature algorithm negotiation within wolfSSL. This issue allows for a downgrade in the signature algorithm used during the TLS handshake. Specifically, if a client supports multiple signature algorithms, such as ECDSA P521 and ECDSA P256, the server could potentially negotiate a less secure algorithm (e.g., ECDSA P256) even if the client offered a stronger one (e.g., ECDSA P521). This occurs due to improper input validation during the signature algorithm selection process.

Recommendations: Update wolfSSL to a version later than 5.8.2.
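
A client-side check of the kind this negotiation depends on, as an added example that is not wolfSSL's code and not part of this advisory: it compares the algorithm in the server's CertificateVerify against the client's own signature_algorithms list, which RFC 8446 (section 4.4.3) expects it to come from. The function name, return codes and sample extension bytes are assumptions constructed for illustration; the code points are from RFC 8446.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.3 SignatureScheme code points (RFC 8446, section 4.2.3). */
#define ECDSA_SECP256R1_SHA256 0x0403
#define ECDSA_SECP521R1_SHA512 0x0603

#define SIG_NOT_OFFERED (-1) /* peer signed with a scheme we never offered */
#define SIG_MALFORMED   (-2) /* extension body fails its own length checks */

/* Hypothetical helper (not a wolfSSL API). ext is the body of the client's
 * signature_algorithms extension: a 2-byte list length, then big-endian
 * 2-byte schemes in descending preference. chosen is the algorithm field of
 * the server's CertificateVerify. Returns the preference rank of chosen
 * (0 = client's first choice) or a negative SIG_* code. */
int cert_verify_scheme_rank(const uint8_t *ext, size_t ext_len, uint16_t chosen)
{
    size_t list_len, i;

    if (ext == NULL || ext_len < 4)
        return SIG_MALFORMED;
    list_len = ((size_t)ext[0] << 8) | ext[1];
    if (list_len != ext_len - 2 || list_len % 2 != 0)
        return SIG_MALFORMED;
    for (i = 0; i < list_len; i += 2) {
        uint16_t offered = (uint16_t)((ext[2 + i] << 8) | ext[3 + i]);
        if (offered == chosen)
            return (int)(i / 2);
    }
    return SIG_NOT_OFFERED;
}

/* Constructed sample extension bodies. */
static const uint8_t only_p521[] = { 0x00, 0x02, 0x06, 0x03 };
static const uint8_t p521_then_p256[] = { 0x00, 0x04, 0x06, 0x03, 0x04, 0x03 };

int main(void)
{
    /* Not offered: the client should reject the handshake. */
    printf("%d\n", cert_verify_scheme_rank(only_p521, sizeof only_p521, ECDSA_SECP256R1_SHA256));
    /* Offered but rank 1: valid, yet below the client's first choice. */
    printf("%d\n", cert_verify_scheme_rank(p521_then_p256, sizeof p521_then_p256, ECDSA_SECP256R1_SHA256));
    return 0;
}
```

A negative result is a reason to abort the handshake; a rank above 0 is worth logging when auditing which schemes peers actually select.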

Related Identifiers: CVE-2025-11934

Affected Products: Debian, Wolfssl