CVE Catalog

CVE-2026-6458

MediumCVSS 5.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile — higher than 3% of all known CVEs

Summary

A missing cryptographic step in Caliptra Core Firmware leads to an incorrect GCM authentication tag. Using the AES-256-GCM API with empty AAD results in the GHASH accumulator state not being saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext.

Risk Assessment

Organizations may be exposed to modifications of ciphertext without the tag reflecting the changes, potentially leading to serious data security vulnerabilities.

Recommendation

It is recommended to update the firmware to a version that addresses this vulnerability and to monitor the use of the AES-256-GCM API to ensure data integrity.

Original NVD description (English source)

Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext. Ciphertext produced by that call may be modified without the tag reflecting the change. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS