A vulnerability was found in mbed TLS up to 3.6.3 and classified as problematic. This issue affects the function mbedtls_lms_verify. The manipulation leads to missing cryptographic step.

The identification of this vulnerability is CVE-2025-49600. It is possible to launch the attack on the physical device. There is no exploit available.

It is recommended to upgrade the affected component.