CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving.
Analysis
Integer underflow in TLS 1.3 ECH (Encrypted Client Hello) extension parsing within wolfSSL allows remote attackers to trigger heap buffer overflow conditions with availability impact through specially crafted network packets. While ECH is disabled by default in wolfSSL and the specification remains unstable, exploitation requires no authentication and succeeds under specific timing conditions. …
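As an added illustration of the bug class described above, and not code from wolfSSL or from this advisory, the following C snippet puts the unchecked length computation beside a bounds-checked one. The layout (a fixed 8-byte header followed by a variable-length payload, with the payload size derived by subtracting the header size from the extension length) is a constructed simplification, not the real ECH wire format.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed layout: fixed header, then a payload whose length is derived
 * from the enclosing extension length. HDR_LEN is an assumption for the
 * illustration, not a value taken from wolfSSL. */
#define HDR_LEN 8

/* Vulnerable pattern: when ext_len < HDR_LEN the unsigned subtraction wraps
 * to a huge value. A copy driven by that value writes far past the end of
 * the destination buffer (the heap overflow the advisory describes). */
size_t payload_len_unchecked(size_t ext_len)
{
    return ext_len - HDR_LEN;
}

/* Hardened version: reject the extension before subtracting if it cannot
 * even hold the fixed header, then bound the copy by the destination size.
 * Returns the number of payload bytes copied, or -1 for malformed input. */
int copy_payload_checked(const uint8_t *ext, size_t ext_len,
                         uint8_t *out, size_t out_len)
{
    if (ext == NULL || out == NULL)
        return -1;
    if (ext_len < HDR_LEN)              /* the subtraction would underflow */
        return -1;
    size_t payload_len = ext_len - HDR_LEN;
    if (payload_len > out_len || payload_len > INT_MAX)
        return -1;                      /* the copy would overflow 'out' */
    memcpy(out, ext + HDR_LEN, payload_len);
    return (int)payload_len;
}
```

The checked variant is the shape a fix for this class of bug takes: validate the minimum length before the arithmetic, then validate the derived length against the destination before any write.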
Remediation
Within 24 hours: Inventory all systems running wolfSSL and identify which have ECH explicitly enabled; disable ECH if not operationally required. Within 7 days: Implement network segmentation to restrict TLS connections from untrusted sources; deploy WAF rules to detect and block malformed ECH extension packets; establish daily monitoring for vendor patches. …
EUVD-2026-13168