Cyber Posture

CVE-2026-5503

Critical

Published: 09 April 2026

Published
09 April 2026
Modified
27 April 2026
KEV Added
Patch
CVSS Score 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0005 15.0th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach the attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI was configured. TLSX_EchRestoreSNI then failed to clean it up because its…

more

removal was gated on serverNameX != NULL. The inner ClientHello was sized before the pollution but written after it, causing TLSX_SNI_Write to memcpy 255 bytes past the allocation boundary.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mandates timely identification, reporting, and correction of software flaws like the buffer overflow in wolfSSL's TLSX_EchChangeSNI function.

SI-16 Memory Protection good match
prevent

Implements memory protections such as address space layout randomization, stack canaries, and non-executable stacks to block exploitation of the out-of-bounds memcpy in TLSX_SNI_Write.

RA-5 Vulnerability Monitoring and Scanning good match
detect

Requires vulnerability scanning to identify deployments affected by CVE-2026-5503 in wolfSSL's ECH implementation.

Security SummaryAI

CVE-2026-5503, published on 2026-04-09, is a buffer overflow vulnerability (CWE-787) in the wolfSSL cryptographic library, affecting its TLS Encrypted Client Hello (ECH) implementation. The flaw resides in the TLSX_EchChangeSNI function, where the ctx->extensions branch sets extensions unconditionally even when TLSX_Find returns NULL. This allows TLSX_UseSNI to attach an attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI is configured. TLSX_EchRestoreSNI then fails to clean it up due to removal being gated on serverNameX != NULL, causing the inner ClientHello to be sized before the pollution but written after it, resulting in TLSX_SNI_Write performing a memcpy 255 bytes past the allocation boundary.

The vulnerability carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), indicating network-accessible exploitation with low attack complexity, no privileges or user interaction required, and unchanged scope. Remote attackers can trigger the buffer overflow by crafting a malicious ClientHello with ECH extensions, potentially achieving high integrity and availability impacts such as arbitrary code execution, memory corruption, or denial of service on affected wolfSSL deployments.

Mitigation is addressed in wolfSSL pull request #10102 at https://github.com/wolfSSL/wolfssl/pull/10102, which security practitioners should review and apply to vulnerable versions.

Details

CWE(s)
CWE-787

Affected Products

wolfssl
wolfssl
≤ 5.9.0

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
attack.mitre.org →
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
attack.mitre.org →
Why these techniques?

The buffer overflow in wolfSSL TLS ECH handling allows remote attackers to send a malicious ClientHello for RCE/memory corruption (enabling T1190 Exploit Public-Facing Application and T1210 Exploitation of Remote Services) or DoS (T1499.004 Application or System Exploitation).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

References