CVE-2026-34181

HIGH EPSS 9.5%
Published Jun 9, 20262w ago · Modified Jun 17, 20261w ago
7.4 CVSS 3.1
High
Find Similar
Published Jun 9, 2026 2w ago
Last Modified Jun 17, 2026 1w ago

Description

Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.

CVSS Details

Base Score
7.4
Exploitability
2.2
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability
9.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-354

Affected Products 4

VendorProductVersionRange
opensslopenssl*≥3.4.0  –  <3.4.6
opensslopenssl*≥3.5.0  –  <3.5.7
opensslopenssl*≥3.6.0  –  <3.6.3
opensslopenssl4.0.0any

References 5

  • github.com https://github.com/openssl/openssl/commit/0300eb9ddce7a0895bf301a4b0c03a9da2313a0f
    Patch
  • github.com https://github.com/openssl/openssl/commit/79eb76a937e474bb7610a0a3dc57131dc8dc6610
    Patch
  • github.com https://github.com/openssl/openssl/commit/85dcbb3abaa4878af5c8fbbe11bce708fcf984a7
    Patch
  • github.com https://github.com/openssl/openssl/commit/ec36f2417c4ddd8cabce4b4a60a3d7a7365f2d81
    Patch
  • openssl-library.org https://openssl-library.org/news/secadv/20260609.txt
    Vendor Advisory

Remediation

  • github.com https://github.com/openssl/openssl/commit/0300eb9ddce7a0895bf301a4b0c03a9da2313a0f
    Patch
  • github.com https://github.com/openssl/openssl/commit/79eb76a937e474bb7610a0a3dc57131dc8dc6610
    Patch
  • github.com https://github.com/openssl/openssl/commit/85dcbb3abaa4878af5c8fbbe11bce708fcf984a7
    Patch
  • github.com https://github.com/openssl/openssl/commit/ec36f2417c4ddd8cabce4b4a60a3d7a7365f2d81
    Patch