CVE-2025-27810
ADVISORY - nistSummary
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
EPSS Score: 0.00274 (0.192)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Use of Uninitialized Resource
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-27810
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.4mediumAlpine
CREATED
UPDATED
ADVISORY IDCVE-2025-27810
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2025-27810
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-27810
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-