CVE-2026-9758
Description
S2OPC improperly compares certificates, allowing untrusted certificates with matching subject names and lengths to be accepted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
S2OPC improperly compares certificates, allowing untrusted certificates with matching subject names and lengths to be accepted.
Vulnerability
An improper comparison in the Trust List Check step of the certificate validation process in S2OPC allows a well-formed untrusted certificate to be considered trusted. This occurs because the comparison only checks the subject name and certificate length, not the key, leading to a match with a certificate that has the same subject name and length but a different key. This vulnerability affects S2OPC versions 1.5.0 and later, including the master branch [1]. Both MbedTLS and CycloneCrypto wrappers are impacted [1].
Exploitation
An attacker can exploit this vulnerability by creating a self-signed certificate with the same subject name and serial value as a trusted certificate, but with a different key. The attacker then uses this crafted certificate to connect to the S2OPC server or client. The server or client, due to the partial comparison, will incorrectly consider the attacker's certificate as trusted, provided all other certificate validation steps have succeeded [1].
Impact
Successful exploitation allows an attacker to present an untrusted certificate that is accepted by the S2OPC system. This could lead to unauthorized access or the establishment of a trusted connection with an illegitimate entity, potentially compromising the confidentiality and integrity of the system. The scope of the compromise depends on the privileges associated with the accepted certificate [1].
Mitigation
Not yet disclosed in the available references.
AI Insight generated on Jun 10, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"An improper comparison of certificate data allows untrusted certificates to be considered trusted."
Attack vector
An attacker can craft a malicious certificate that, despite being untrusted, passes the certificate trust list check. This is achieved by exploiting an incorrect length comparison during the certificate validation process. If the crafted certificate has a matching prefix of the correct length with a trusted certificate, it may be incorrectly accepted as valid [ref_id=1].
Affected code
The vulnerability lies within the comparison logic for certificates in the S2OPC library, specifically in the MbedTLS and cyclone wrappers. The diff shows an incorrect length (`crt->subject_raw.len`) being used in a `memcmp` call when comparing the raw certificate data (`crt->raw.p`). This comparison is intended to verify the trust of a certificate against a trusted list.
What the fix does
The patch corrects the comparison logic for certificate raw data. Previously, the comparison used the length of the certificate's subject, which could be shorter than the raw certificate data. The fix changes the comparison to use the actual length of the raw certificate data (`crt->raw.len`), ensuring a full and accurate comparison. This prevents partial matches based on incorrect lengths from incorrectly validating untrusted certificates.
Preconditions
- inputThe attacker must be able to supply a well-formed, untrusted certificate.
- networkThe attacker must be able to present this untrusted certificate to the vulnerable S2OPC component.
Generated on Jun 10, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
News mentions
0No linked articles in our index yet.