CVE Catalog

CVE-2026-6329

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile — higher than 6% of all known CVEs

Summary

The vulnerability in PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC.

Risk Assessment

An attacker can supply a crafted PKCS#12 file with an invalid or truncated MAC that will be accepted by the system, potentially compromising the integrity of credentials or cryptographic keys.

Recommendation

Update the library or software implementing PKCS#12 handling to a version that fixes the MAC length verification, and ensure all processed PKCS#12 files come from trusted sources.

Original NVD description (English source)

PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS