CVE-2026-34181

Vulnerability

A flaw in how PKCS#12 files are processed, specifically when using the Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism, allows for certificate and private key forgery. This vulnerability affects services that read PKCS#12 files and use passwords for authentication. The issue arises when an attacker crafts an unencrypted PKCS#12 file using PBMAC1 with an HMAC key of only one byte. The FIPS modules are not affected as the vulnerable code is outside their boundary [1].

Exploitation

An attacker can exploit this vulnerability by creating a specially crafted, unencrypted PKCS#12 file that utilizes PBMAC1 with a single-byte HMAC key. If a service uses passwords to authenticate received PKCS#12 files, the attacker can submit this crafted file. The service will accept the forged file with a 1 in 256 probability, allowing the attacker to impersonate a user [1].

Impact

Successful exploitation allows an attacker to cause a service to accept a forged certificate and private key controlled by the attacker. This enables the attacker to impersonate a user, potentially leading to unauthorized access or actions within the service. The probability of success for any given attempt is 1 in 256 [1].

Mitigation

Not yet disclosed in the available references.