CVE-2025-66442
ADVISORY - nistSummary
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.
EPSS Score: 0.0027 (0.187)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Covert Timing Channel
ADVISORY - redhat
Compiler Optimization Removal or Modification of Security-critical Code
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-66442
EXPLOITABILITY SCORE
1.4
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.1mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-66442
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-66442
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2025-66442
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)