CVE-2025-49600 | mbed TLS up to 3.6.3 mbedtls_lms_verify missing cryptographic step

Inserito da Angelo Barbosa | Lug 4, 2025 | CVE

A vulnerability was found in mbed TLS up to 3.6.3 and classified as problematic. This issue affects the function mbedtls_lms_verify. The manipulation leads to missing cryptographic step.

The identification of this vulnerability is CVE-2025-49600. It is possible to launch the attack on the physical device. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-49600 | mbed TLS up to 3.6.3 mbedtls_lms_verify missing cryptographic step

Post correlati

CVE-2024-45426 | Zoom Workplace App up to 6.0.x improper ownership management (ZSB-24038)

CVE-2024-36586 | AdGuard AdGuardHome 0.93 Privilege Escalation

CVE-2024-35271 | Microsoft unknown vulnerability

CVE-2024-40415 | Tenda AX1806 1.0.0.1 SetStaticRouteCfg sub_519F4 stack-based overflow