FKIE_CVE-2026-6458

Vulnerability from fkie_nvd - Published: 2026-06-24 00:16 - Updated: 2026-06-25 16:14
Severity
5.1 (Medium) - CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
Summary
Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext. Ciphertext produced by that call may be modified without the tag reflecting the change. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0.
References
b01ddd03-5ef6-483b-b2c5-acba77f1a554https://github.com/chipsalliance/caliptra-sw/security/advisories/GHSA-834g-h5x6-2hqr
Impacted products
Vendor Product Version
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "collectionURL": "https://github.com/chipsalliance/caliptra-sw",
          "defaultStatus": "unaffected",
          "modules": [
            "aes_256_gcm_update"
          ],
          "packageName": "Core Runtime Firmware",
          "product": "Core Runtime Firmware",
          "vendor": "Caliptra",
          "versions": [
            {
              "lessThanOrEqual": "2.0.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "2.1.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2.0.2",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2.1.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "source": "b01ddd03-5ef6-483b-b2c5-acba77f1a554"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext. Ciphertext produced by that call may be modified without the tag reflecting the change.\n\nThis issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0."
    }
  ],
  "id": "CVE-2026-6458",
  "lastModified": "2026-06-25T16:14:14.483",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "b01ddd03-5ef6-483b-b2c5-acba77f1a554",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2026-6458",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-06-24T13:14:19.562293Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-06-24T00:16:34.037",
  "references": [
    {
      "source": "b01ddd03-5ef6-483b-b2c5-acba77f1a554",
      "url": "https://github.com/chipsalliance/caliptra-sw/security/advisories/GHSA-834g-h5x6-2hqr"
    }
  ],
  "sourceIdentifier": "b01ddd03-5ef6-483b-b2c5-acba77f1a554",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-325"
        }
      ],
      "source": "b01ddd03-5ef6-483b-b2c5-acba77f1a554",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.