{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-25835", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T20:07:53.961Z", "dateReserved": "2026-02-06T00:00:00.000Z", "datePublished": "2026-04-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T18:19:53.547Z"}, "descriptions": [{"lang": "en", "value": "Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG)."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-rng-cloning/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-335", "lang": "en", "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T20:07:23.224357Z", "id": "CVE-2026-25835", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:07:53.961Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25835", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T20:07:23.224357Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-335", "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:06:36.914Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-rng-cloning/"}], "descriptions": [{"lang": "en", "value": "Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T18:19:53.547Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25835", "state": "PUBLISHED", "dateUpdated": "2026-04-01T20:07:53.961Z", "dateReserved": "2026-02-06T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "F718023A-E632-45A1-8C51-781C969DA96D", "versionEndExcluding": "3.6.6", "versionStartIncluding": "2.18.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:mbed_tls:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EF688FA-732F-4EAF-BAC6-AC3CDAF19588", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:tf-psa-crypto:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F85529C-03C6-44F4-9242-372DCDF0B52C", "versionEndExcluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG)."}], "id": "CVE-2026-25835", "lastModified": "2026-04-06T14:29:47.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-01T19:16:28.663", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-rng-cloning/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-335"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.6.6)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 86.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "mbedtls", "vendor": "mbed-tls"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "tf-psa-crypto", "vendor": "mbed-tls"}], "analysis": {"en": {"generated_at": "2026-04-06T17:30:05.805105+00:00", "value": {"mitigation_remediation": ["Update Mbed\u00a0TLS to version\u00a03.6.6 or newer.", "Upgrade TF\u2011PSA\u2011Crypto to version\u00a01.1.0 or newer."], "summary": {"action": "Immediate Patch", "impact": "Predictable random values may compromise cryptographic keys and data integrity"}, "threat_synthesis": {"affected_systems": "Systems that link against ARM\u2019s Mbed\u00a0TLS library prior to version\u00a03.6.6 and those that use TF\u2011PSA\u2011Crypto prior to version\u00a01.1.0 are affected. Applications that rely on the default PRNG for key generation, TLS handshakes, or random token creation may be impacted.", "description_and_impact": "The flaw is caused by improper seeding of the pseudo\u2011random number generator in Mbed\u00a0TLS versions earlier than 3.6.6 and in TF\u2011PSA\u2011Crypto versions earlier than 1.1.0. Because the seed values are not sufficiently random, the output of the PRNG can become predictable. If an attacker can influence the seed or observe the PRNG output, they could recover cryptographic keys or forge tokens, thereby breaching confidentiality and integrity of encrypted or signed data.", "risk_and_exploitability": "The CVSS base score is 7.7, indicating a high severity, while the EPSS score is below 1\u202f%, suggesting that exploitation is currently considered unlikely. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector involves an attacker influencing the source of entropy used to seed the PRNG, for example by providing crafted input to cryptographic operations or manipulating environment values. This inference is based on the description of the seed misuse; no public exploit has been reported to date."}}}}, "created": "2026-04-02T07:51:26.730211+00:00", "updated": "2026-04-07T08:07:45.609100+00:00", "vendors": ["mbed-tls", "mbed-tls$PRODUCT$mbedtls", "mbed-tls$PRODUCT$tf-psa-crypto"]}