wolfSSL TLS 1.2 Server Logic Flaw Vulnerability in Message Order Handling

Vulnerability

A logic flaw has been identified in the TLS 1.2 server state machine of wolfSSL versions through 5.8.2. The flaw allows the server to incorrectly accept a CertificateVerify message before it has received the ClientKeyExchange message. Accepting these messages out of order departs from the proper handshake sequence, potentially leading to security issues. wolfSSL 5.8.4 addressed the problem by introducing additional checks, and version 5.9.0 further enhanced the validation to catch the issue earlier in the handshake.
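The ordering rule at issue, as an added example that is not wolfSSL's code or its fix: a minimal server-side check that enforces the RFC 5246 client flight order (Certificate, ClientKeyExchange, CertificateVerify, Finished) and rejects a CertificateVerify that arrives before ClientKeyExchange. The struct and function names are hypothetical, and the model is simplified: it leaves out ChangeCipherSpec and whether the server requested a client certificate.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.2 HandshakeType values (RFC 5246, section 7.4). */
enum { HS_CERTIFICATE = 11, HS_CERTIFICATE_VERIFY = 15,
       HS_CLIENT_KEY_EXCHANGE = 16, HS_FINISHED = 20 };

/* Hypothetical per-connection record of the client flight (not wolfSSL's). */
typedef struct { bool cert, cke, cert_verify, finished; } client_flight_t;

/* Returns 0 if msg_type is acceptable now, -1 if it is out of order. */
int accept_client_msg(client_flight_t *st, uint8_t msg_type)
{
    if (st->finished) return -1;            /* nothing follows Finished */
    switch (msg_type) {
    case HS_CERTIFICATE:                    /* first in the flight, once */
        if (st->cert || st->cke) return -1;
        st->cert = true; return 0;
    case HS_CLIENT_KEY_EXCHANGE:            /* once per handshake */
        if (st->cke) return -1;
        st->cke = true; return 0;
    case HS_CERTIFICATE_VERIFY:             /* needs Certificate AND ClientKeyExchange */
        if (!st->cert || !st->cke || st->cert_verify) return -1;
        st->cert_verify = true; return 0;
    case HS_FINISHED:                       /* key exchange must have happened */
        if (!st->cke) return -1;
        st->finished = true; return 0;
    default:
        return -1;
    }
}

/* Index of the first rejected message in msgs, or -1 if all were accepted. */
int first_rejected(const uint8_t *msgs, size_t n)
{
    client_flight_t st = {0};
    for (size_t i = 0; i < n; i++)
        if (accept_client_msg(&st, msgs[i]) != 0) return (int)i;
    return -1;
}

int main(void)
{
    const uint8_t swapped[] = {11, 15, 16, 20};  /* constructed: CV before CKE */
    printf("first rejected index: %d\n", first_rejected(swapped, sizeof swapped));
    return 0;
}
```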

Impact

Exploitation of this vulnerability could lead to improper handling of TLS handshake messages, potentially allowing for man-in-the-middle attacks or other interception of the secure communication process.

Remediation

Users can upgrade to wolfSSL version 5.8.4 or later to address this vulnerability. Instructions for downloading the latest version are available on the wolfSSL website.

Added: Mar 19, 2026, 6:21 PM
Updated: Mar 19, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 0.6
exploitability: 6.0
remediation: 7.7
relevance: 4.1
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.