Primary

Context

wolfSSL ECCSI Signature Forgery Vulnerability in Signature Verification

Vulnerability

Patched

A vulnerability exists in wolfSSL's ECCSI signature verifier function `wc_VerifyEccsiHash`. The issue arises because the function decodes the `r` and `s` scalars from the signature blob using `mp_read_unsigned_bin` without verifying that these values fall within the range of `[1, q-1]`. This lack of validation allows a crafted, forged signature to be accepted as valid for any message and identity, by exploiting publicly known constants.

Impact

Exploitation of this vulnerability allows for the forgery of signatures, enabling a malicious actor to create a false signature that is accepted as legitimate by the signature verification process.

Remediation

Users are advised to update to the latest version of wolfSSL where this vulnerability has been addressed.

Added: Apr 10, 2026, 4:24 AM

Updated: Apr 10, 2026, 4:24 AM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.7

remediation

7.7

relevance

5.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.7

remediation

7.7

relevance

5.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

wolfSSL ECCSI Signature Forgery Vulnerability in Signature Verification

Vulnerability

Impact

Remediation

Affected Products

wolfSSL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating