CVE-2026-23519 is a timing side-channel vulnerability classified under CWE-208 (Observable Timing Discrepancy) affecting the RustCrypto utils library prior to version 0.4.4. RustCrypto provides cryptographic utilities implemented in Rust, including conditional move (cmov) CPU intrinsics designed to execute in constant time to prevent timing side-channel attacks. However, for the thumbv6m-none-eabi target architecture, which corresponds to Cortex M0, M0+, and M1 microcontrollers, the compiler emitted non-constant-time assembly code when using the portable cmovnz intrinsic. This deviation from constant-time execution allows attackers to observe timing differences during cryptographic operations, potentially leaking sensitive information such as cryptographic keys or secrets. The vulnerability does not require any privileges or user interaction to exploit but has a high attack complexity due to the need for precise timing measurements and access to the target device's cryptographic operations. The issue was fixed in RustCrypto utils version 0.4.4 by ensuring the compiler emits truly constant-time assembly for the affected architectures. No known exploits are currently reported in the wild. The CVSS 4.0 score is 8.9 (high severity), reflecting the network attack vector, high attack complexity, no privileges or user interaction required, and a high impact on confidentiality. This vulnerability primarily threatens confidentiality by enabling side-channel leakage but does not affect integrity or availability. It is particularly relevant for embedded systems and IoT devices using Cortex M0/M0+/M1 cores running RustCrypto-based cryptographic code.

The primary impact of CVE-2026-23519 is the potential leakage of sensitive cryptographic information through timing side-channel attacks on embedded devices using vulnerable RustCrypto utils versions. For European organizations, this is significant in sectors deploying IoT devices, industrial control systems, automotive electronics, and other embedded systems based on Cortex M0/M0+/M1 microcontrollers. Confidentiality breaches could lead to exposure of cryptographic keys, undermining secure communications, device authentication, and data protection. This could facilitate further attacks such as device impersonation, data tampering, or unauthorized access. Although no known exploits exist currently, the high CVSS score indicates a serious risk if attackers develop reliable timing analysis methods. The vulnerability's impact is heightened in critical infrastructure and manufacturing sectors prevalent in Europe, where embedded systems are widely used. The vulnerability does not affect system integrity or availability directly but compromises the trustworthiness of cryptographic protections, potentially cascading into broader security failures.

1. Upgrade all RustCrypto utils dependencies to version 0.4.4 or later to ensure the constant-time execution fix is applied. 2. Conduct a thorough inventory of embedded devices and firmware using RustCrypto utils on Cortex M0/M0+/M1 architectures to identify vulnerable versions. 3. For devices where upgrading RustCrypto is not immediately feasible, consider implementing additional software-level mitigations such as introducing noise or random delays to obscure timing measurements, though this is less reliable. 4. Review cryptographic key management and rotate keys if there is suspicion of compromise due to timing leakage. 5. Employ side-channel resistant coding practices and perform side-channel analysis testing on embedded firmware to detect similar timing vulnerabilities. 6. Collaborate with device manufacturers and suppliers to ensure patched firmware updates are delivered and applied promptly. 7. Monitor threat intelligence sources for emerging exploits targeting this vulnerability and prepare incident response plans accordingly.