CVE-2026-21444 affects libtpms, a software library that emulates Trusted Platform Module (TPM) functionality, specifically in versions 0.10.0 and 0.10.1. The vulnerability arises from improper handling of the initialization vector (IV) in cryptographic operations when libtpms is integrated with OpenSSL 3.x. Instead of returning the last IV used in symmetric cipher operations, libtpms erroneously returns the initial IV to the caller. This behavior undermines the cryptographic strength of the encryption and decryption processes, leading to weakened data confidentiality. The flaw is categorized under CWE-327 (Use of a Broken or Risky Cryptographic Algorithm) and CWE-330 (Use of Insufficiently Random Values). Exploitation requires local access with low privileges and does not require user interaction, but it does not impact data integrity or availability. The CVSS v3.1 base score is 5.5 (medium), reflecting the moderate risk primarily to confidentiality. The vulnerability was publicly disclosed on January 2, 2026, and fixed in libtpms version 0.10.2. No known exploits are currently in the wild, and no workarounds exist, making patching the only effective mitigation.

For European organizations, this vulnerability poses a risk to the confidentiality of sensitive data protected by TPM emulation using libtpms. Since TPMs are widely used for secure key storage, device attestation, and cryptographic operations, weakening the cryptographic process can expose encrypted data to potential compromise if an attacker gains local access. This is particularly critical for industries such as finance, healthcare, government, and critical infrastructure, where TPMs underpin security assurances. Although the vulnerability does not affect integrity or availability, the confidentiality breach could lead to unauthorized data disclosure, undermining trust and compliance with data protection regulations like GDPR. The requirement for local privileges limits remote exploitation but does not eliminate insider threats or attacks leveraging compromised local accounts. The absence of known exploits reduces immediate risk but does not preclude future targeted attacks.

European organizations should promptly upgrade libtpms to version 0.10.2 or later to remediate the vulnerability. Since no workarounds exist, patching is the primary defense. Additionally, organizations should audit systems using libtpms to identify affected versions and restrict local access to trusted users only. Implementing strict access controls and monitoring for unusual local activity can reduce exploitation risk. Security teams should verify the integration of libtpms with OpenSSL 3.x to ensure no legacy or vulnerable versions remain in use. Regular cryptographic audits and validation of TPM emulation implementations can help detect similar weaknesses. Finally, organizations should maintain up-to-date inventories of cryptographic libraries and dependencies to facilitate rapid response to vulnerabilities.