CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

CVSS v3 4.0 MEDIUM

4.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-5.md	Exploit Third Party Advisory
https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*

History

07 Aug 2025, 01:21

Type	Values Removed	Values Added
CPE		cpe:2.3:a:arm:mbed_tls::::::::
First Time		Arm mbed Tls Arm
References	~~() https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-5.md -~~	() https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-5.md - Exploit, Third Party Advisory
References	~~() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ -~~	() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ - Vendor Advisory

22 Jul 2025, 13:06

Type	Values Removed	Values Added
Summary		(es) En Mbed TLS 3.6.1 a 3.6.3 antes de 3.6.4, una discrepancia de tiempo en la eliminación del relleno del cifrado de bloque permite que un atacante recupere el texto sin formato cuando se utiliza el modo de relleno PKCS#7.

20 Jul 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-20 19:15

Updated : 2025-08-07 01:21

NVD link : CVE-2025-49087

Mitre link : CVE-2025-49087

CVE.ORG link : CVE-2025-49087

JSON object : View

Products Affected

arm

mbed_tls

CWE

CWE-385

Covert Timing Channel

4.0 /10