External risk intelligence

Mbed TLS Client Impersonation Vulnerability in TLS 1.3 Session Resumption

CVE advisory

Severity: CRITICAL (CVSS 9.1)

CVE-2026-34873

Mbed TLS versions 3.5.0 through 4.0.0 have a vulnerability allowing client impersonation during TLS 1.3 session resumption. This could permit an attacker to impersonate a legitimate client, potentially impacting data confidentiality and integrity. Understanding if your environment uses affected Mbed TLS versions is cru

2 Halo Surface Signal

Authentication Bypass

Trustedfirmware Mbed Tls

3.5.0 to before 3.6.6; 4.0.0 to before 4.1.0

External exposure likelihood

Halo Surface Signal score for CVE-2026-34873

Mbed TLS is a cryptographic library integrated into various applications, devices, and firmware rather than a standalone, internet-facing service. While it handles network protocols like TLS, its exposure depends entirely on the specific implementation of the downstream product, and it is frequently used in embedded systems or internal components not directly reachable from the public internet.

PCI scan relevance

PCI Relevance for CVE-2026-34873

Yes

CVE-2026-34873 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

This vulnerability allows client impersonation during TLS 1.3 session resumption, potentially enabling unauthorized access and compromising encrypted communications, which is a critical security concern for PCI compliance.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

Horizon Alert

Summary of the vulnerability and why it matters

An issue has been identified in the Mbed TLS library affecting TLS 1.3 session resumption, which could allow for client impersonation. This vulnerability is present in specific versions of the library.

  • An issue could let clients pretend to be someone else.
  • Understand if our systems use affected Mbed TLS versions.
  • Verify relevance and exposure; address if confirmed.

Attack Path

How an attacker could exploit the issue

An attacker could impersonate a legitimate client by exploiting a flaw in how TLS 1.3 sessions are resumed. This vulnerability allows an unauthenticated attacker to potentially gain unauthorized access or intercept sensitive information.

  • No authentication required.
  • Vulnerable TLS 1.3 session resumption.
  • Client impersonation and data compromise.

Live Threat

Current exploitation, exposure, and threat context

When supported by the advisory, client impersonation can occur during TLS 1.3 session resumption, potentially affecting the confidentiality and integrity of network communications. This could allow an attacker to impersonate a legitimate client to a vulnerable server.

  • Confidentiality and integrity of communications.
  • Impersonation during TLS 1.3 session resumption.
  • Unauthorized access to client-communicated data.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This client impersonation vulnerability in Mbed TLS's TLS 1.3 session resumption likely impacts application owners and platform teams responsible for integrating the library. The immediate first step is to identify all instances of Mbed TLS within your environment, confirm their reachability and business criticality, and then assign ownership for remediation planning based on the assessed risk.

  • Application or platform owners should triage.
  • Verify Mbed TLS deployment and reachability.
  • Plan remediation based on risk assessment.
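The triage steps above can be scripted once an inventory exists. The following is an added example, not part of the original advisory or of Mbed TLS: it checks recorded library versions against the affected ranges listed on this page and orders the results by reachability. The inventory fields (`name`, `mbedtls`, `external`) and the component names are assumptions; versions may be recorded as a dotted string, a version banner, or the `MBEDTLS_VERSION_NUMBER` hex value from the build headers.

```python
import re

# Affected ranges as listed on this page, as [start, end) per release line.
AFFECTED = [((3, 5, 0), (3, 6, 6)), ((4, 0, 0), (4, 1, 0))]

def parse_version(raw):
    """Accept '3.6.2', 'Mbed TLS 3.5.1' or an MBEDTLS_VERSION_NUMBER such as
    '0x03060200' (layout 0xMMNNPP00). Returns (major, minor, patch) or None."""
    raw = raw.strip()
    m = re.fullmatch(r"0[xX]([0-9a-fA-F]{8})", raw)
    if m:
        n = int(m.group(1), 16)
        return ((n >> 24) & 0xFF, (n >> 16) & 0xFF, (n >> 8) & 0xFF)
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", raw)
    return tuple(int(g) for g in m.groups()) if m else None

def is_affected(version):
    """True when version falls inside one of the half-open affected ranges."""
    return any(lo <= version < hi for lo, hi in AFFECTED)

# Review order: reachable and affected first, unparseable versions second.
ORDER = ["affected-external", "unknown-version", "affected-internal", "not-affected"]

def triage(inventory):
    """Return (name, status) pairs sorted by review priority."""
    rows = []
    for item in inventory:
        v = parse_version(item["mbedtls"])
        if v is None:
            status = "unknown-version"  # cannot be ruled out, needs a manual check
        elif not is_affected(v):
            status = "not-affected"
        else:
            status = "affected-external" if item["external"] else "affected-internal"
        rows.append((item["name"], status))
    return sorted(rows, key=lambda r: ORDER.index(r[1]))

# Constructed sample inventory; component names are hypothetical.
SAMPLE = [
    {"name": "billing-api", "mbedtls": "3.6.6", "external": True},
    {"name": "sensor-fw", "mbedtls": "0x03050100", "external": False},
    {"name": "vendor-blob", "mbedtls": "unknown", "external": False},
    {"name": "edge-gateway", "mbedtls": "Mbed TLS 3.6.2", "external": True},
    {"name": "legacy-hub", "mbedtls": "2.28.8", "external": True},
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE):
        print(f"{status:18} {name}")
```

A version match is only the first filter: whether a given build actually enables TLS 1.3 session resumption has to be confirmed separately from its configuration.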

Frequently asked questions

What is Mbed TLS and what is it used for?

Mbed TLS is a cryptographic library used for implementing secure network communication protocols like TLS. It is often integrated into applications, devices, and firmware to provide security features for network-connected systems.

What kind of weakness does CVE-2026-34873 describe?

CVE-2026-34873 describes a weakness classified as CWE-287, which relates to improper authentication. In this specific case, it means that a client can be impersonated while resuming a TLS 1.3 session.

How can an attacker exploit this Mbed TLS vulnerability?

An attacker can exploit this vulnerability without needing any prior authentication. The exploit targets the process of resuming a TLS 1.3 session, allowing the attacker to impersonate a legitimate client.

Who should be concerned about this CVE-2026-34873 threat?

This threat is relevant to systems that use affected versions of Mbed TLS for TLS 1.3 session resumption. While Mbed TLS itself is often part of internal systems or embedded devices, if these systems are externally facing, the risk increases.

What is the first step for responding to this Mbed TLS issue?

The initial step for teams running Mbed TLS is to identify all instances where the library is used within their environment. Following this, they should confirm if these instances are externally accessible and then plan remediation based on the identified risk.
