- Description
- Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.8
- Exploitability score
- 1.4
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
- Severity
- HIGH
- cve@mitre.org
- CWE-733
- Hype score
- Not currently trending
CVE-2025-52496 Race Condition in Mbed TLS AESNI Detection Leading to Key Extraction Vulnerability https://t.co/4lHVcuTxXL
@VulmonFeeds
4 Jul 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52496 Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithrea… https://t.co/U92H6cLKMD
@CVEnew
4 Jul 2025
356 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes