Cyber Posture

CVE-2026-25835

Severity: High
Published: 01 April 2026
Modified: 06 April 2026
KEV Added: not listed
Patch: available (Mbed TLS 3.6.6, TF-PSA-Crypto 1.1.0)
CVSS Score: 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0002 (3.5th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-25835 is a high-severity vulnerability in Arm Mbed TLS caused by incorrect use of seeds in a pseudo-random number generator (PRNG; CWE-335). Its CVSS v3.1 base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Reduce Key Space (T1600.001). By exploit likelihood it ranks at the 3.5th percentile (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Reduce Key Space (T1600.001). What defenders deploy: the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI-generated)

- SI-2 Flaw Remediation (prevent, recover): Directly remediates the PRNG seed misuse flaw by requiring identification, reporting, testing, and correction via upgrades to Mbed TLS 3.6.6 or TF-PSA-Crypto 1.1.0.
- RA-5 Vulnerability Monitoring and Scanning (detect): Vulnerability monitoring and scanning identifies systems running vulnerable Mbed TLS or TF-PSA-Crypto versions affected by the predictable PRNG.
- Cryptographic Key Establishment and Management (prevent): Requires cryptographic key establishment and management mechanisms that rely on properly seeded PRNGs, mitigating predictability from seed misuse.

MITRE ATT&CK Enterprise Techniques (AI-generated)

T1600.001 Reduce Key Space (Defense Impairment): Adversaries may reduce the level of effort required to decrypt data transmitted over the network by reducing the cipher strength of encrypted communications.
Why these techniques?

Vulnerability enables predictable/clonable RNG output via seed misuse (CWE-335), directly facilitating reduction of effective cryptographic key space for attacks on confidentiality/integrity.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).

Deeper analysis (AI-generated)

CVE-2026-25835 is a vulnerability in Mbed TLS versions prior to 3.6.6 and TF-PSA-Crypto versions prior to 1.1.0 that results from the misuse of seeds in a Pseudo-Random Number Generator (PRNG). This issue, published on 2026-04-01 and associated with CWE-335, carries a CVSS v3.1 base score of 7.7 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

A local attacker can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction. Exploitation enables high-impact compromise of confidentiality and integrity, such as through predictable or clonable random number generation, while leaving availability unaffected and scope unchanged.

The Mbed TLS security advisories detail mitigation, recommending upgrades to Mbed TLS 3.6.6 or later and TF-PSA-Crypto 1.1.0 or later. Relevant advisories are available at https://mbed-tls.readthedocs.io/en/latest/security-advisories/ and https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-rng-cloning/.

Details

CWE(s): CWE-335 (Incorrect Usage of Seeds in Pseudo-Random Number Generator)

Affected Products

- Arm Mbed TLS: 4.0.0; 2.18.0 to 3.6.6
- Arm TF-PSA-Crypto: ≤ 1.1.0

CVEs Like This One

- CVE-2026-34872 (same product: Arm Mbed TLS)
- CVE-2026-34875 (same product: Arm Mbed TLS)
- CVE-2026-25833 (same product: Arm Mbed TLS)
- CVE-2026-34874 (same product: Arm Mbed TLS)
- CVE-2025-47917 (same product: Arm Mbed TLS)
- CVE-2026-34877 (same product: Arm Mbed TLS)
- CVE-2026-34873 (same product: Arm Mbed TLS)
- CVE-2026-34876 (same product: Arm Mbed TLS)
- CVE-2025-0647 (same vendor: Arm)
- CVE-2024-11864 (same vendor: Arm)

References