CVE-2026-32144: CWE-295 Improper Certificate Validation in Erlang OTP
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public_key:pkix_ocsp_validate/5 does not verify that a CA-designated responder certificate was cryptographically signed by the issuing CA. Instead, it only checks that the responder certificate's issuer name matches the CA's subject name and that the certificate has the OCSPSigning extended key usage. An attacker who can intercept or control OCSP responses can create a self-signed certificate with a matching issuer name and the OCSPSigning EKU, and use it to forge OCSP responses that mark revoked certificates as valid. This affects SSL/TLS clients using OCSP stapling, which may accept connections to servers with revoked certificates, potentially transmitting sensitive data to compromised servers. Applications using the public_key:pkix_ocsp_validate/5 API directly are also affected, with impact depending on usage context. This vulnerability is associated with program files lib/public_key/src/pubkey_ocsp.erl and program routines pubkey_ocsp:is_authorized_responder/3. This issue affects OTP from OTP 27.0 until OTP 28.4.2 and 27.3.4.10 corresponding to public_key from 1.16 until 1.20.3 and 1.17.1.2, and ssl from 11.2 until 11.5.4 and 11.2.12.7.
AI Analysis
Technical Summary
The vulnerability CVE-2026-32144 in Erlang OTP's public_key:pkix_ocsp_validate/5 function involves improper certificate validation (CWE-295). Specifically, the function fails to verify that a CA-designated OCSP responder certificate is cryptographically signed by the issuing CA, relying only on issuer name matching and the OCSPSigning EKU. An attacker capable of intercepting or controlling OCSP responses can create a self-signed certificate with a matching issuer name and OCSPSigning EKU to forge OCSP responses. This can cause clients using OCSP stapling to accept revoked certificates as valid, potentially exposing sensitive data to compromised servers. The vulnerability affects OTP versions 27.0 through 28.4.2, public_key versions 1.16 through 1.20.3, and ssl versions 11.2 through 11.5.4. No vendor advisory or patch information is currently available.
Potential Impact
The vulnerability allows attackers who can intercept or manipulate OCSP responses to bypass OCSP designated-responder authorization, enabling them to forge OCSP responses that mark revoked certificates as valid. This undermines the trust model of SSL/TLS connections using OCSP stapling, potentially allowing connections to servers with revoked certificates and exposing sensitive data. The impact on applications using the public_key:pkix_ocsp_validate/5 API depends on how the API is used but generally involves acceptance of invalid certificate status information.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider mitigating risk by disabling OCSP stapling or avoiding reliance on the vulnerable OCSP validation function where feasible. Monitor Erlang OTP vendor channels for updates and apply patches promptly once available.
CVE-2026-32144: CWE-295 Improper Certificate Validation in Erlang OTP
Description
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public_key:pkix_ocsp_validate/5 does not verify that a CA-designated responder certificate was cryptographically signed by the issuing CA. Instead, it only checks that the responder certificate's issuer name matches the CA's subject name and that the certificate has the OCSPSigning extended key usage. An attacker who can intercept or control OCSP responses can create a self-signed certificate with a matching issuer name and the OCSPSigning EKU, and use it to forge OCSP responses that mark revoked certificates as valid. This affects SSL/TLS clients using OCSP stapling, which may accept connections to servers with revoked certificates, potentially transmitting sensitive data to compromised servers. Applications using the public_key:pkix_ocsp_validate/5 API directly are also affected, with impact depending on usage context. This vulnerability is associated with program files lib/public_key/src/pubkey_ocsp.erl and program routines pubkey_ocsp:is_authorized_responder/3. This issue affects OTP from OTP 27.0 until OTP 28.4.2 and 27.3.4.10 corresponding to public_key from 1.16 until 1.20.3 and 1.17.1.2, and ssl from 11.2 until 11.5.4 and 11.2.12.7.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-32144 in Erlang OTP's public_key:pkix_ocsp_validate/5 function involves improper certificate validation (CWE-295). Specifically, the function fails to verify that a CA-designated OCSP responder certificate is cryptographically signed by the issuing CA, relying only on issuer name matching and the OCSPSigning EKU. An attacker capable of intercepting or controlling OCSP responses can create a self-signed certificate with a matching issuer name and OCSPSigning EKU to forge OCSP responses. This can cause clients using OCSP stapling to accept revoked certificates as valid, potentially exposing sensitive data to compromised servers. The vulnerability affects OTP versions 27.0 through 28.4.2, public_key versions 1.16 through 1.20.3, and ssl versions 11.2 through 11.5.4. No vendor advisory or patch information is currently available.
Potential Impact
The vulnerability allows attackers who can intercept or manipulate OCSP responses to bypass OCSP designated-responder authorization, enabling them to forge OCSP responses that mark revoked certificates as valid. This undermines the trust model of SSL/TLS connections using OCSP stapling, potentially allowing connections to servers with revoked certificates and exposing sensitive data. The impact on applications using the public_key:pkix_ocsp_validate/5 API depends on how the API is used but generally involves acceptance of invalid certificate status information.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider mitigating risk by disabling OCSP stapling or avoiding reliance on the vulnerable OCSP validation function where feasible. Monitor Erlang OTP vendor channels for updates and apply patches promptly once available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- EEF
- Date Reserved
- 2026-03-10T22:37:29.212Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d4fc92aaed68159a206054
Added to database: 4/7/2026, 12:46:10 PM
Last enriched: 4/7/2026, 1:01:22 PM
Last updated: 4/7/2026, 2:57:40 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.