PT-2026-31736 · Wolfssl+1
Published 2026-04-09 · Updated 2026-04-09 · CVE-2026-5446
CVSS v3.1: 7.1 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
wolfSSL versions configured with --enable-aria and the proprietary MagicCrypto SDK
Description
wolfSSL, when configured with --enable-aria and the proprietary MagicCrypto SDK, reuses an identical 12-byte GCM nonce for every application-data record in the ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2. This occurs because the wc_AriaEncrypt function is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK without an internal counter, and the explicit IV is zero-initialized at session setup and never incremented in non-FIPS builds. AES-GCM is not affected, as wc_AesGcmEncrypt_ex maintains an internal invocation counter.
Recommendations
wolfSSL versions configured with --enable-aria and the proprietary MagicCrypto SDK should be updated when a fix is available.
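The reuse described above is visible on the wire: in a TLS 1.2 AEAD record the 8-byte explicit nonce precedes the ciphertext, so a session whose explicit IV is never incremented sends the same 8 bytes in every application-data record. The following added example (not code from wolfSSL or this advisory) parses a TLS 1.2 record stream and reports any explicit nonce that appears more than once; the record bytes are constructed inline and the 0x0303 version and 16-byte tag length are assumptions for a TLS 1.2 GCM suite.

```python
"""Flag repeated explicit nonces in TLS 1.2 AEAD application-data records."""
import struct
from collections import Counter

APPLICATION_DATA = 0x17
EXPLICIT_NONCE_LEN = 8   # RFC 5288 layout: explicit nonce || ciphertext || 16-byte tag
TAG_LEN = 16


def parse_tls12_records(stream: bytes):
    """Split a byte stream into (content_type, version, body) TLS records."""
    records, offset = [], 0
    while offset + 5 <= len(stream):
        ctype, version, length = struct.unpack("!BHH", stream[offset:offset + 5])
        body = stream[offset + 5:offset + 5 + length]
        if len(body) < length:
            raise ValueError("truncated record at offset %d" % offset)
        records.append((ctype, version, body))
        offset += 5 + length
    return records


def explicit_nonces(records):
    """Explicit nonces of application-data records; handshake/alert records are skipped."""
    return [body[:EXPLICIT_NONCE_LEN] for ctype, _, body in records
            if ctype == APPLICATION_DATA and len(body) >= EXPLICIT_NONCE_LEN + TAG_LEN]


def find_nonce_reuse(stream: bytes):
    """Return {nonce_hex: count} for every explicit nonce seen in more than one record."""
    counts = Counter(explicit_nonces(parse_tls12_records(stream)))
    return {nonce.hex(): n for nonce, n in counts.items() if n > 1}


def build_record(explicit_nonce: bytes, ciphertext_and_tag: bytes) -> bytes:
    """Constructed TLS 1.2 application-data record (sample data, not captured traffic)."""
    body = explicit_nonce + ciphertext_and_tag
    return struct.pack("!BHH", APPLICATION_DATA, 0x0303, len(body)) + body


# Constructed samples: a session whose explicit IV stays at zero for every record
# (the behaviour described for the ARIA-GCM builds) next to a session that counts up.
STUCK = b"".join(build_record(b"\x00" * 8, bytes([i]) * 20) for i in range(3))
HEALTHY = b"".join(build_record(struct.pack("!Q", i), bytes([i]) * 20) for i in range(3))

if __name__ == "__main__":
    print("stuck explicit IV:", find_nonce_reuse(STUCK))    # {'0000000000000000': 3}
    print("incrementing IV:", find_nonce_reuse(HEALTHY))    # {}
```

A non-empty result from `find_nonce_reuse` on a capture of an ARIA-GCM session is the observable symptom of this advisory; an incrementing explicit nonce, as produced by AES-GCM suites, yields an empty result.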
Fix
Affected Products
Magiccrypto Sdk
Wolfssl