Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.2%
CVSS Severity
CVSS v3 Score 4.0
Products affected by CVE-2025-49087
  • Arm » Mbed Tls » Version: 3.6.1
    cpe:2.3:a:arm:mbed_tls:3.6.1
  • Arm » Mbed Tls » Version: 3.6.2
    cpe:2.3:a:arm:mbed_tls:3.6.2
  • Arm » Mbed Tls » Version: 3.6.3
    cpe:2.3:a:arm:mbed_tls:3.6.3


Contact Us

Shodan ® - All rights reserved