OpenSSL PKCS#12 Files with PBMAC1 Authentication Accepted with Short HMAC Keys

Vulnerability

A vulnerability exists in OpenSSL's processing of PKCS#12 files that use the Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism. Input validation for these files is insufficient: a file whose PBMAC1 parameters specify a very short HMAC key is accepted, which allows forgery of certificates and private keys. OpenSSL versions 4.0, 3.6, 3.5, and 3.4 are affected; versions 3.0, 1.1.1, and 1.0.2 are not affected because they do not support PBMAC1 in PKCS#12.

Impact

Exploitation of this vulnerability allows an attacker to impersonate a user and cause a service that reads PKCS#12 files to accept forged certificates and private keys, with a success probability of 1 in 256 (a one-byte HMAC key has only 256 possible values).

Reproduction

To reproduce this vulnerability, an attacker can create an unencrypted PKCS#12 file that uses PBMAC1 authentication, specifying an HMAC key of only one byte. When this crafted file is processed by a service that accepts PKCS#12 files and uses passwords for authentication, the service will mistakenly accept the forged certificate and private key.

Remediation

Upgrade to the fixed release for the branch in use: OpenSSL 4.0 users should upgrade to OpenSSL 4.0.1, OpenSSL 3.6 users to OpenSSL 3.6.3, OpenSSL 3.5 users to OpenSSL 3.5.7, and OpenSSL 3.4 users to OpenSSL 3.4.6.
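
To triage PKCS#12 files a service receives, the HMAC key length a file declares can be read from its PBMAC1 parameters without knowing the password. The following is an added example, not code from OpenSSL or from this advisory; it assumes the ASN.1 layout of RFC 9579 and RFC 8018 with DER encoding, and `tlv` and `sample_macdata` are hypothetical helpers that build a constructed sample.

```python
# Added example, not OpenSSL code. Assumes DER with definite lengths only.
PBMAC1 = bytes.fromhex("2a864886f70d01050e")  # OID 1.2.840.113549.1.5.14
PBKDF2 = bytes.fromhex("2a864886f70d01050c")  # OID 1.2.840.113549.1.5.12

def tlvs(buf):
    """Yield (tag, value) for each DER element at one nesting level."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or buf[i + 1] == 0x80:
            raise ValueError("truncated or indefinite-length (non-DER) input")
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n > 0x80:  # long form: low 7 bits count the length bytes
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("truncated DER")
        yield tag, buf[i:i + n]
        i += n

def pbmac1_key_length(der):
    """Declared PBMAC1 key length in bytes (0 if omitted); None without PBMAC1."""
    for tag, val in tlvs(der):
        if not tag & 0x20:  # primitive element, nothing nested
            continue
        kids = list(tlvs(val))
        if len(kids) > 1 and kids[0] == (0x06, PBMAC1):
            kdf = list(tlvs(next(tlvs(kids[1][1]))[1]))  # keyDerivationFunc
            if len(kdf) < 2 or kdf[0] != (0x06, PBKDF2):
                raise ValueError("PBMAC1 key derivation is not PBKDF2")
            # PBKDF2-params: salt, iterationCount, keyLength (optional), prf
            ints = [int.from_bytes(v, "big") for t, v in tlvs(kdf[1][1]) if t == 2]
            return ints[1] if len(ints) > 1 else 0
        found = pbmac1_key_length(val)
        if found is not None:
            return found
    return None

def tlv(tag, body):  # short-form encoder, used only to build the sample
    return bytes([tag, len(body)]) + body

def sample_macdata(key_len):
    """Constructed MacData using PBMAC1 with the given keyLength (not a real file)."""
    hmac256 = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d0209")) + tlv(0x05, b""))
    kdf = tlv(0x30, tlv(0x04, bytes(8)) + tlv(0x02, b"\x08\x00")
              + tlv(0x02, bytes([key_len])) + hmac256)
    alg = tlv(0x30, tlv(0x06, PBMAC1)
              + tlv(0x30, tlv(0x30, tlv(0x06, PBKDF2) + kdf) + hmac256))
    return tlv(0x30, tlv(0x30, alg + tlv(0x04, bytes(32)))
               + tlv(0x04, bytes(8)) + tlv(0x02, b"\x01"))
```

`pbmac1_key_length` also accepts the bytes of a whole PKCS#12 file, since it searches nested structures for the PBMAC1 identifier; compare the result against the minimum key length your policy requires.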

Added: Jun 9, 2026, 8:46 PM
Updated: Jun 9, 2026, 8:46 PM

Vulnerability Rating

Custom Algorithm
spread: 8.6
impact: 2.5
exploitability: 8.0
remediation: 7.7
relevance: 9.3
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.