CVE-2025-27810: 
Mbed TLS vulnerability analysis and mitigation

CVE-2025-27810 affects Mbed TLS versions before 2.28.10 and 3.x before 3.6.3. The vulnerability involves the TLS Finished message calculation, where in cases of failed memory allocation or hardware errors, the system uses uninitialized stack memory to compose the TLS Finished message. This vulnerability was discovered and disclosed on March 24, 2025 (MITRE, NVD).

The vulnerability occurs during the TLS handshake process, specifically in the calculation of the Finished message which is crucial for ensuring handshake integrity. When memory allocation fails or a cryptographic hardware driver returns an error at a specific point during the handshake, the system incorrectly uses uninitialized stack memory content for the Finished message calculation. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.4 (MEDIUM) with vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N (NVD).

The vulnerability could potentially lead to authentication bypasses such as replay attacks. An attacker with the ability to trigger memory allocation failures or cryptographic hardware failures may be able to break the security guarantees of the TLS handshake. This could enable them to tamper with the handshake through a Man in the Middle attack or replay handshake messages to impersonate a legitimate peer (Security Advisory).

The primary mitigation is to upgrade to Mbed TLS version 2.28.10 or 3.6.3, which contain fixes for this vulnerability. As a workaround, users can ensure that sufficient memory is available before performing a handshake and verify that any cryptographic hardware drivers used for hash functions cannot return errors (Security Advisory).