CVE-2024-28960: n/a
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
AI Analysis
Technical Summary
CVE-2024-28960 identifies a vulnerability in the PSA Crypto API implementation within Mbed TLS (versions 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0) and Mbed Crypto. The root cause is the mishandling of shared memory, which is a critical resource used to exchange data between different components or processes securely. Improper management of this shared memory can lead to unauthorized access or leakage of sensitive cryptographic material, thereby compromising confidentiality. The vulnerability does not require any privileges or user interaction to exploit, and it can be triggered remotely over the network, increasing its risk profile. The CVSS v3.1 score of 8.2 reflects a high severity, primarily due to the high impact on confidentiality (C:H), low impact on integrity (I:L), and no impact on availability (A:N). The weakness is categorized under CWE-284, which relates to improper access control, indicating that the PSA Crypto API fails to enforce adequate restrictions on shared memory usage. Although no exploits have been reported in the wild yet, the vulnerability affects a widely used cryptographic library embedded in many IoT and embedded devices, which are prevalent in industrial, telecommunications, and consumer sectors. The lack of patches linked in the provided data suggests that users should monitor official Mbed TLS and Mbed Crypto repositories for updates and advisories. The vulnerability's exploitation could allow attackers to extract cryptographic keys or sensitive data, undermining the security guarantees of systems relying on these libraries.
Potential Impact
For European organizations, the impact of CVE-2024-28960 is significant, especially for those deploying embedded systems, IoT devices, or industrial control systems that utilize Mbed TLS or Mbed Crypto for cryptographic operations. Confidentiality breaches could lead to exposure of sensitive data, including cryptographic keys, which may facilitate further attacks such as data decryption, impersonation, or unauthorized access to protected resources. Critical infrastructure sectors such as energy, manufacturing, and telecommunications, which increasingly rely on embedded cryptography, are at heightened risk. The vulnerability's remote exploitability without authentication or user interaction increases the attack surface, potentially allowing attackers to compromise devices at scale. This could disrupt supply chains, cause data breaches, or undermine trust in secure communications. Given the widespread use of Mbed TLS in embedded and IoT devices, the scope of affected systems is broad, encompassing devices deployed in both enterprise and operational technology environments across Europe.
Mitigation Recommendations
European organizations should take immediate steps to mitigate CVE-2024-28960 by upgrading affected Mbed TLS versions to 2.28.8 or later and Mbed Crypto to 3.6.0 or later once patches are officially released. Until patches are applied, organizations should audit their use of the PSA Crypto API to identify and restrict any shared memory operations that could be exploited. Employ network segmentation and strict access controls to limit exposure of vulnerable devices to untrusted networks. Implement monitoring for unusual cryptographic API usage patterns or memory access anomalies that could indicate exploitation attempts. For embedded device manufacturers, incorporate secure coding practices to avoid shared memory mishandling and conduct thorough security testing of cryptographic components. Additionally, coordinate with supply chain partners to ensure that firmware and software updates addressing this vulnerability are deployed promptly. Finally, maintain up-to-date inventories of devices using Mbed TLS or Mbed Crypto to prioritize remediation efforts effectively.
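The inventory and upgrade steps above can be scripted. The following is an added example, not part of the original advisory or of the Mbed TLS project: it classifies inventory entries against the version ranges given in the description. The `device,component,version` inventory format, the sample rows and the function names are assumptions made for illustration.

```python
import re

# Affected ranges as stated in the CVE description, as half-open
# intervals [first affected, first fixed).
AFFECTED_RANGES = [
    ((2, 18, 0), (2, 28, 8)),  # 2.18.0 through 2.28.x before 2.28.8
    ((3, 0, 0), (3, 6, 0)),    # 3.x before 3.6.0
]
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

# Constructed sample inventory (device,component,version); not real data.
SAMPLE_INVENTORY = """\
gw-01,mbedtls,2.28.7
gw-02,mbedtls,2.28.8
plc-07,mbedtls,v3.5.2
cam-03,mbedtls,3.6.0
meter-11,mbedtls,2.16.12
sensor-04,mbed-crypto,3.1.0
hub-09,mbedtls,unknown
"""

def classify(component, version_text):
    """Return (status, upgrade_target) for one inventory entry."""
    if component != "mbedtls":
        # The description names Mbed Crypto without a version range,
        # so those entries cannot be cleared by version alone.
        return ("review", None)
    match = VERSION_RE.search(version_text)
    if match is None:
        return ("unknown", None)
    version = tuple(int(part) for part in match.groups())
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= version < first_fixed:
            return ("affected", ".".join(map(str, first_fixed)))
    return ("not-in-range", None)

def triage(inventory_text):
    """Map device name -> (status, upgrade_target)."""
    results = {}
    for line in inventory_text.splitlines():
        if not line.strip():
            continue
        device, component, version = (f.strip() for f in line.split(",", 2))
        results[device] = classify(component.lower(), version)
    return results

if __name__ == "__main__":
    for device, (status, target) in triage(SAMPLE_INVENTORY).items():
        print(f"{device:10} {status:13} {'-> ' + target if target else ''}")
```

Entries reported as `unknown` or `review` need a manual check of the firmware build, since a missing version string does not show that a device is unaffected.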
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2024-03-13T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 690a3b69ff58c9332ff0a5cc
Added to database: 11/4/2025, 5:44:09 PM
Last enriched: 11/11/2025, 6:29:03 PM
Last updated: 12/20/2025, 10:46:59 AM