AWS-LC CVE-2026-3336
HIGHSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable, unauthenticated, no interaction (AV:N/AC:L/PR:N/UI:N); integrity-only certificate-validation bypass with no confidentiality or availability impact (C:N/I:H/A:N).
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from Vendor (ff89ba41-3aa1-4d27-914a-91399e9639e5).
CVSS VectorVendor: ff89ba41-3aa1-4d27-914a-91399e9639e5
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
9DescriptionCVE.org
Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer.
Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.
AnalysisAI
Certificate chain verification bypass in AWS-LC, Amazon's libcrypto/BoringSSL-derived cryptographic library, lets unauthenticated attackers forge trust in PKCS7 objects carrying multiple signers: PKCS7_verify() validates only the final signer and skips chain verification for all preceding signers (CWE-295). Affected applications can be tricked into accepting signed data whose earlier signers chain to untrusted or invalid certificates. There is no public exploit identified at time of analysis, EPSS is low (0.03%, 10th percentile), and AWS-managed services are unaffected per the vendor, but the flaw is fixed in AWS-LC 1.69.0.
Technical ContextAI
AWS-LC is Amazon's general-purpose cryptographic library (forked from BoringSSL/OpenSSL) used by AWS services and third-party applications, exposed here through the aws-lc-sys Rust bindings and the aws_libcrypto component (CPEs cpe:2.3:a:amazon:aws-lc-sys and cpe:2.3:a:amazon:aws_libcrypto). PKCS7 (RFC 2315/CMS) supports detached or enveloped signatures with one or more SignerInfo structures, and PKCS7_verify() is responsible for validating each signer's certificate up to a trusted root. The root cause is CWE-295 Improper Certificate Validation: the implementation only performs chain verification for the last signer in a multi-signer PKCS7 structure, leaving every earlier signer's certificate chain unchecked, so a signature that appears valid does not guarantee its certificate is actually trusted.
RemediationAI
Vendor-released patch: AWS-LC version 1.69.0 - upgrade all applications and dependencies (including the aws-lc-sys Rust crate) to 1.69.0 or later, per the release at https://github.com/aws/aws-lc/releases/tag/v1.69.0 and the GitHub advisory https://github.com/aws/aws-lc/security/advisories/GHSA-cfwj-9wp5-wqvp. Red Hat users should apply RHSA-2026:5459 (https://access.redhat.com/errata/RHSA-2026:5459). If immediate upgrade is not possible, a targeted compensating control is to avoid relying on PKCS7_verify() for multi-signer PKCS7 objects: reject PKCS7 structures containing more than one SignerInfo, or independently re-verify every signer's certificate chain in application code rather than trusting the library result; the trade-off is added application logic and possible rejection of legitimate multi-signer messages. AWS-managed service customers need take no action per the vendor bulletin (https://aws.amazon.com/security/security-bulletins/2026-005-AWS/).
More in Aws Libcrypto
View allSignature verification bypass in AWS-LC's PKCS7_verify() function lets unauthenticated attackers get forged PKCS#7 objec
Timing side-channel attacks in AWS-LC's AES-CCM decryption implementation allow unauthenticated attackers to infer authe
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Authentication Bypass
View allVendor StatusVendor
SUSE
Severity: HighShare
External POC / Exploit Code
Leaving vuln.today
GHSA-vw5v-4f2q-w9xf