PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-25835 Arm CVE debrief

Arm Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 contain a vulnerability in their Pseudo-Random Number Generator (PRNG) implementation where seeds are misused, potentially leading to insufficient entropy or predictable random values. The issue was published on 2026-04-01 and last modified on 2026-06-01. The vulnerability is rated HIGH severity with a CVSS 3.1 score of 7.7 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). Affected versions include Mbed TLS from 2.18.0 through versions prior to 3.6.6, as well as Mbed TLS 4.0.0, and all TF-PSA-Crypto versions prior to 1.1.0. The weakness is categorized as CWE-335 (Incorrect Usage of Seeds in Pseudo-Random Number Generator). No known exploitation in ransomware campaigns has been documented. Users should upgrade to Mbed TLS 3.6.6 or later, or TF-PSA-Crypto 1.1.0 or later, and consult the vendor security advisories for additional guidance.

Vendor
Arm
Product
Mbed TLS
CVSS
HIGH 7.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-01
Original CVE updated
2026-06-01
Advisory published
2026-04-01
Advisory updated
2026-06-01

Who should care

Organizations using Mbed TLS or TF-PSA-Crypto for cryptographic operations in embedded systems, IoT devices, or any software requiring secure random number generation.

Technical summary

The vulnerability stems from incorrect handling or reuse of seeds within the PRNG implementation in Mbed TLS and TF-PSA-Crypto. Local attackers may be able to exploit weak or predictable randomness to undermine cryptographic operations that depend on secure random values, such as key generation or nonce creation. The CVSS vector indicates a local attack vector with low attack complexity, no privileges required, and no user interaction needed, resulting in high impact to confidentiality and integrity but no availability impact.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade Mbed TLS to version 3.6.6 or later.
  • Upgrade TF-PSA-Crypto to version 1.1.0 or later.
  • Review applications relying on Mbed TLS or TF-PSA-Crypto for cryptographic randomness to ensure they are not using affected versions.
  • Monitor vendor security advisories for any additional patches or guidance.
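A defender-side version check for the review step above, added here as example code that is not part of this advisory or of the Mbed TLS project: it reads the version define out of a vendored header and compares it against the affected ranges stated on this page. MBEDTLS_VERSION_STRING is a real Mbed TLS macro; the TF_PSA_CRYPTO_VERSION_STRING macro name and the sample header contents are assumptions.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Turn '3.6.5' (optionally with a suffix such as '-rc1') into a comparable tuple."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def mbedtls_affected(version: Version) -> bool:
    """Affected per the advisory: 2.18.0 <= v < 3.6.6, or exactly 4.0.0."""
    return (2, 18, 0) <= version < (3, 6, 6) or version == (4, 0, 0)


def tf_psa_crypto_affected(version: Version) -> bool:
    """Affected per the advisory: every release before 1.1.0."""
    return version < (1, 1, 0)


# Mbed TLS defines MBEDTLS_VERSION_STRING in mbedtls/build_info.h (3.x) or
# mbedtls/version.h (2.x). The TF-PSA-Crypto macro name is an assumption.
_VERSION_DEFINE = re.compile(
    r'#define\s+(MBEDTLS_VERSION_STRING|TF_PSA_CRYPTO_VERSION_STRING)\s+"([^"]+)"'
)


def assess_header(header_text: str) -> Optional[Tuple[str, str, bool]]:
    """Return (product, version string, affected?) for a vendored header,
    or None when the header carries no recognised version define."""
    m = _VERSION_DEFINE.search(header_text)
    if not m:
        return None
    macro, ver = m.group(1), m.group(2)
    if macro == "MBEDTLS_VERSION_STRING":
        return ("Mbed TLS", ver, mbedtls_affected(parse_version(ver)))
    return ("TF-PSA-Crypto", ver, tf_psa_crypto_affected(parse_version(ver)))


# Constructed sample in the shape of a vendored build_info.h (not a real file).
SAMPLE_HEADER = """
#define MBEDTLS_VERSION_MAJOR  3
#define MBEDTLS_VERSION_MINOR  6
#define MBEDTLS_VERSION_PATCH  5
#define MBEDTLS_VERSION_STRING "3.6.5"
"""

if __name__ == "__main__":
    print(assess_header(SAMPLE_HEADER))  # ('Mbed TLS', '3.6.5', True)
```

Point it at each copy of the header in a firmware tree; a result of True on any copy means that build still ships an affected PRNG and needs the upgrade listed above.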

Evidence notes

CVE published 2026-04-01; NVD entry modified 2026-06-01. CVSS 3.1 vector AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. CPE confirms affected ranges: Mbed TLS from 2.18.0 up to but excluding 3.6.6, plus 4.0.0; TF-PSA-Crypto before 1.1.0. Weakness: CWE-335.

Official resources

2026-04-01T19:16:28.663Z