Back to search
CVE-2026-3503
Published: Mar 19, 2026
Modified: Mar 19, 2026
PUBLISHED
Description
Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.
| Vendor | Product | Versions |
|---|---|---|
wolfSSL Inc. | wolfSSL (wolfCrypt) | affected 5.8.2 - < 5.9.0 |
Weaknesses (CWE)
References
https://github.com/wolfSSL/wolfssl/pull/9734
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now