Skip to main content

CWE-757

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

16 CVEs Avg CVSS 6.3 MITRE
2
CRITICAL
4
HIGH
8
MEDIUM
2
LOW
2
POC
0
KEV

Monthly

CVE-2026-6092 LOW PATCH Monitor

wolfSSL's TLS 1.2 handshake logic silently downgrades Encrypt-then-MAC (ETM) to MAC-then-Encrypt when a client presents a stale session ID during a failed resumption attempt, affecting all builds compiled with HAVE_ENCRYPT_THEN_MAC using CBC-mode cipher suites. This ETM extension silent-disable (CWE-757) exposes the downgraded connection to CBC-mode side-channel attacks such as Lucky Thirteen, exploitable by an adjacent-network attacker. No public exploit identified at time of analysis and no confirmed active exploitation; vendor patch is available upstream via PR #10167.

Information Disclosure Wolfssl
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-1677 MEDIUM This Month

Zephyr RTOS sockets created with IPPROTO_TLS_1_3 can negotiate TLS 1.2 connections when both TLS versions are enabled in Kconfig, because socket-level protocol selection is not propagated to mbedTLS's minimum version enforcement. Applications explicitly requesting TLS 1.3 may silently fall back to TLS 1.2, exposing them to known TLS 1.2 weaknesses such as POODLE or truncation attacks. Remote unauthenticated attackers can exploit this via network-level protocol downgrade during the TLS handshake.

Information Disclosure Zephyr
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6550 PyPI MEDIUM PATCH GHSA This Month

Cryptographic algorithm downgrade in AWS Encryption SDK for Python's caching layer allows authenticated local attackers to bypass key commitment policy enforcement through a shared key cache, enabling decryption of single ciphertext to multiple different plaintexts. Affected versions include Python 2 up to 2.5.1, Python 3 up to 3.3.0, and Python 4 up to 4.0.4. AWS has released vendor patches (versions 3.3.1, 4.0.5, and later) to remediate the vulnerability, which requires local access and authenticated credentials but has no known public exploit.

Authentication Bypass Python
NVD GitHub VulDB
CVSS 4.0
5.7
EPSS
0.0%
CVE-2026-32650 HIGH CISA Act Now

Anviz CrossChex Standard time and attendance software transmits database credentials in plaintext when attackers downgrade TDS7 PreLogin protocol encryption, enabling remote unauthenticated access to backend databases containing employee data and access control records. CVSS 7.5 (High) with network attack vector and no prerequisites. Reported by CISA ICS-CERT, indicating industrial/physical security context. EPSS and KEV status not provided in available data.

Authentication Bypass Anviz Crosschex Standard
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2673 MEDIUM POC PATCH CISA This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
Threat
4.8
CVE-2025-59270 LOW PATCH Monitor

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. Rated low severity (CVSS 2.3), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Pspas
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-36582 MEDIUM PATCH This Month

Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Dell Information Disclosure Networker
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2024-8773 HIGH This Week

SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.3
EPSS
0.1%
CVE-2024-4995 CRITICAL Act Now

Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification.00.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
9.1
EPSS
0.9%
CVE-2024-38883 CRITICAL Act Now

An issue in Horizon Business Services Inc. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Caterease
NVD VulDB
CVSS 3.1
9.1
EPSS
0.4%
EPSS 0% CVSS 2.1
LOW PATCH Monitor

wolfSSL's TLS 1.2 handshake logic silently downgrades Encrypt-then-MAC (ETM) to MAC-then-Encrypt when a client presents a stale session ID during a failed resumption attempt, affecting all builds compiled with HAVE_ENCRYPT_THEN_MAC using CBC-mode cipher suites. This ETM extension silent-disable (CWE-757) exposes the downgraded connection to CBC-mode side-channel attacks such as Lucky Thirteen, exploitable by an adjacent-network attacker. No public exploit identified at time of analysis and no confirmed active exploitation; vendor patch is available upstream via PR #10167.

Information Disclosure Wolfssl
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Zephyr RTOS sockets created with IPPROTO_TLS_1_3 can negotiate TLS 1.2 connections when both TLS versions are enabled in Kconfig, because socket-level protocol selection is not propagated to mbedTLS's minimum version enforcement. Applications explicitly requesting TLS 1.3 may silently fall back to TLS 1.2, exposing them to known TLS 1.2 weaknesses such as POODLE or truncation attacks. Remote unauthenticated attackers can exploit this via network-level protocol downgrade during the TLS handshake.

Information Disclosure Zephyr
NVD GitHub VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Cryptographic algorithm downgrade in AWS Encryption SDK for Python's caching layer allows authenticated local attackers to bypass key commitment policy enforcement through a shared key cache, enabling decryption of single ciphertext to multiple different plaintexts. Affected versions include Python 2 up to 2.5.1, Python 3 up to 3.3.0, and Python 4 up to 4.0.4. AWS has released vendor patches (versions 3.3.1, 4.0.5, and later) to remediate the vulnerability, which requires local access and authenticated credentials but has no known public exploit.

Authentication Bypass Python
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH Act Now

Anviz CrossChex Standard time and attendance software transmits database credentials in plaintext when attackers downgrade TDS7 PreLogin protocol encryption, enabling remote unauthenticated access to backend databases containing employee data and access control records. CVSS 7.5 (High) with network attack vector and no prerequisites. Reported by CISA ICS-CERT, indicating industrial/physical security context. EPSS and KEV status not provided in available data.

Authentication Bypass Anviz Crosschex Standard
NVD GitHub VulDB
EPSS 0% 4.8 CVSS 6.5
MEDIUM POC PATCH This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
EPSS 0% CVSS 2.3
LOW PATCH Monitor

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. Rated low severity (CVSS 2.3), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Pspas
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Dell Information Disclosure Networker
NVD
EPSS 0% CVSS 8.3
HIGH This Week

SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification.00.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An issue in Horizon Business Services Inc. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Caterease
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy