CVE-2026-3503: CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) in wolfSSL Inc. wolfSSL (wolfCrypt)
CVE-2026-3503 is a medium severity vulnerability in wolfSSL's wolfCrypt library version 5.8.2 affecting ARM Cortex-M microcontrollers. The flaw is incorrect usage of seeds in the pseudo-random number generator (PRNG) within the post-quantum implementations of ML-KEM and ML-DSA. A physical attacker can induce transient faults that corrupt or redirect seed or pointer values during the Keccak-based seed expansion, potentially compromising key material or the cryptographic outcome. Exploitation requires physical access and has high attack complexity; no user interaction is needed. The vulnerability affects confidentiality through possible key leakage; scope and availability impact are limited. No exploits are known in the wild. Organizations running the affected wolfSSL version on ARM Cortex-M devices should apply the vendor fix as soon as it is published and, until then, rely on hardware-level protections against fault injection.
AI Analysis
Technical Summary
CVE-2026-3503 is a vulnerability in wolfSSL's wolfCrypt cryptographic library, specifically version 5.8.2, on ARM Cortex-M microcontrollers. The issue is incorrect usage of seeds in the PRNG path of the post-quantum algorithms ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) and ML-DSA (Module-Lattice-Based Digital Signature Algorithm). Both algorithms take short seeds and expand them with Keccak-based functions (SHAKE) into their public matrices and secret polynomials, so the seed bytes and the pointers that address them are the most sensitive values in key generation.

A physical attacker can induce transient faults, such as voltage glitches or electromagnetic pulses, that corrupt or redirect seed or pointer values during this Keccak expansion. A faulted expansion can produce key material derived from an attacker-influenced seed, or cryptographic outputs that no longer match the intended key, undermining the security guarantees of the post-quantum algorithms. The attack requires physical proximity and a fault injection setup, so exploitation is complex.

The vulnerability is classified under CWE-335 (incorrect usage of seeds in a PRNG), a weakness that degrades randomness and cryptographic strength. No patch or exploit code is currently available, and no active exploitation has been reported. The CVSS v4.0 score is 4.3 (medium), reflecting the physical attack vector, high attack complexity and partial confidentiality impact. The flaw primarily threatens confidentiality by potentially exposing secret keys or causing cryptographic failures; availability and integrity are not broadly affected. It matters most for embedded and IoT devices that run wolfSSL on Cortex-M parts and have adopted post-quantum cryptography early.
Potential Impact
The primary impact of CVE-2026-3503 is the potential compromise of cryptographic key material, and of the outputs computed from it, in devices that use wolfSSL's post-quantum implementations on ARM Cortex-M microcontrollers. Leaked or attacker-influenced keys expose whatever those keys protect, undermining confidentiality. Organizations relying on these primitives for secure communications, firmware integrity or authentication may face data breaches or cryptographic failures. Because the attack requires physical access, the exposed population is devices an attacker can reach directly: industrial control systems, field-deployed IoT equipment and embedded systems in critical infrastructure. The medium severity reflects the high attack complexity and limited availability impact, but for high-value targets the confidentiality loss is significant: an attacker who recovers a device key can bypass the cryptographic protections built on it and move further into the surrounding systems or network. The lack of known exploits reduces immediate risk, but the vulnerability underlines the need for physical security and fault injection countermeasures in embedded cryptographic implementations.
Mitigation Recommendations
To mitigate CVE-2026-3503, first upgrade wolfSSL to a version that contains the fix once the vendor releases one. Until then, apply hardware-level protections against fault injection: voltage and clock glitch detectors, electromagnetic shielding, and sensor monitoring that flags abnormal operating conditions. Use secure boot and runtime integrity checks to detect tampering. Restrict physical access to devices, especially in sensitive environments. When reviewing the PRNG and post-quantum code paths, apply the standard software fault countermeasures: keep seeds and output pointers in redundant form (a value and its complement) and verify them before and after use, run the seed expansion twice and compare the results, and wipe any output produced when a check fails so that faulted key material never leaves the routine. Include fault injection analysis in security testing during development and before deployment. Where the platform allows it, move key generation into a hardware security module (HSM) or trusted execution environment (TEE) with its own fault-attack hardening. Keep threat intelligence current and watch for exploitation of this vulnerability.
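The following C example illustrates the countermeasures described above (guarded seed and pointer copies, a redundant second expansion with a constant-time comparison, and wiping on failure) around a seed expansion step like the one the technical analysis describes. It is an added example and is not wolfSSL's code. The function `expand_stub` is an assumption: a non-cryptographic xoshiro-style keystream that stands in for the SHAKE expansion so the pattern can run without a Keccak implementation; the seed value and the `fault_flip_bit` helper are constructed for the demonstration.

```c
/* Fault-injection hardening pattern for PQC seed expansion.
 * Added example; this is not wolfSSL's code. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SEED_LEN 32
#define OUT_LEN  64

enum { EXPAND_OK = 0,
       EXPAND_FAULT_SEED = -1,   /* seed and its stored complement disagree     */
       EXPAND_FAULT_PTR  = -2,   /* output pointer and its complement disagree  */
       EXPAND_FAULT_DIFF = -3,   /* the two redundant expansions disagree       */
       EXPAND_BAD_LEN    = -4 };

/* Stand-in for the SHAKE (Keccak) expansion ML-KEM and ML-DSA apply to their
 * seeds: a xoshiro-style keystream keyed by the seed. Deterministic but NOT
 * cryptographic; it only lets the hardening pattern run without a Keccak. */
static void expand_stub(const uint8_t seed[SEED_LEN], uint8_t *out, size_t out_len)
{
    uint64_t s[4];
    memcpy(s, seed, sizeof s);                        /* 4 x 8 bytes == SEED_LEN */
    for (size_t i = 0; i < out_len; i++) {
        uint64_t t = s[1] << 17;
        s[2] ^= s[0]; s[3] ^= s[1]; s[1] ^= s[2]; s[0] ^= s[3]; s[2] ^= t;
        s[3] = (s[3] << 45) | (s[3] >> 19);
        out[i] = (uint8_t)(s[0] + s[3]);
    }
}

/* Seed kept twice, plain and bitwise complement, in separate locations:
 * a transient bit flip in either copy breaks the relation. */
typedef struct { uint8_t seed[SEED_LEN]; uint8_t seed_inv[SEED_LEN]; } guarded_seed_t;

void guarded_seed_init(guarded_seed_t *g, const uint8_t seed[SEED_LEN])
{
    for (size_t i = 0; i < SEED_LEN; i++) { g->seed[i] = seed[i]; g->seed_inv[i] = (uint8_t)~seed[i]; }
}

/* 0 iff intact. Accumulates over every byte instead of returning early, so a
 * single skipped instruction cannot bypass the comparison of later bytes. */
int guarded_seed_check(const guarded_seed_t *g)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < SEED_LEN; i++) acc |= (uint8_t)(g->seed[i] ^ g->seed_inv[i] ^ 0xFFu);
    return acc;
}

/* Same idea for the destination pointer: a redirected pointer would make the
 * expansion write key material wherever the fault pointed it. */
typedef struct { uint8_t *ptr; uintptr_t ptr_inv; } guarded_ptr_t;

void guarded_ptr_init(guarded_ptr_t *p, uint8_t *ptr) { p->ptr = ptr; p->ptr_inv = ~(uintptr_t)ptr; }
int  guarded_ptr_check(const guarded_ptr_t *p) { return ((uintptr_t)p->ptr ^ p->ptr_inv) != ~(uintptr_t)0; }

/* Constant-time inequality: 0 iff a == b over len bytes. */
static int ct_diff(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++) acc |= (uint8_t)(a[i] ^ b[i]);
    return acc;
}

/* Expansion checked before (seed, pointer), during (redundant second run) and
 * after (seed again). On a seed or mismatch fault the output is wiped so no
 * faulted key material leaves the function. */
int hardened_expand(const guarded_seed_t *g, const guarded_ptr_t *dst, size_t out_len)
{
    uint8_t shadow[OUT_LEN];
    int rc = EXPAND_OK;
    if (out_len > OUT_LEN)           return EXPAND_BAD_LEN;
    if (guarded_seed_check(g) != 0)  return EXPAND_FAULT_SEED;
    if (guarded_ptr_check(dst) != 0) return EXPAND_FAULT_PTR;
    expand_stub(g->seed, dst->ptr, out_len);
    expand_stub(g->seed, shadow, out_len);            /* redundant second run */
    if (guarded_seed_check(g) != 0)                   rc = EXPAND_FAULT_SEED;
    else if (ct_diff(dst->ptr, shadow, out_len) != 0) rc = EXPAND_FAULT_DIFF;
    if (rc != EXPAND_OK) memset(dst->ptr, 0, out_len);
    memset(shadow, 0, sizeof shadow);
    return rc;
}

/* Test helper standing in for a glitch: flips one bit in memory. */
void fault_flip_bit(uint8_t *buf, size_t byte, unsigned bit) { buf[byte] ^= (uint8_t)(1u << (bit & 7u)); }

/* Four scenarios on a constructed seed; bit i of the result is set when
 * scenario i behaved as intended, so 15 means every check fired. */
int fault_demo(void)
{
    uint8_t seed[SEED_LEN], out[OUT_LEN], ref[OUT_LEN], bad[OUT_LEN];
    guarded_seed_t g; guarded_ptr_t dst; int ok = 0;
    for (size_t i = 0; i < SEED_LEN; i++) seed[i] = (uint8_t)(0xA5u ^ (i * 37u));  /* constructed seed */
    expand_stub(seed, ref, OUT_LEN);
    /* 1: no fault; hardened output equals a plain expansion of the same seed */
    guarded_seed_init(&g, seed); guarded_ptr_init(&dst, out);
    if (hardened_expand(&g, &dst, OUT_LEN) == EXPAND_OK && memcmp(out, ref, OUT_LEN) == 0) ok |= 1;
    /* 2: one seed bit flipped after init; caught before any expansion runs */
    guarded_seed_init(&g, seed); fault_flip_bit(g.seed, 5, 3);
    if (hardened_expand(&g, &dst, OUT_LEN) == EXPAND_FAULT_SEED) ok |= 2;
    /* 4: an unguarded expansion of that flipped seed silently yields other key material */
    expand_stub(g.seed, bad, OUT_LEN);
    if (memcmp(bad, ref, OUT_LEN) != 0) ok |= 4;
    /* 8: destination pointer redirected; caught before the write */
    guarded_seed_init(&g, seed); guarded_ptr_init(&dst, out); dst.ptr = bad;
    if (hardened_expand(&g, &dst, OUT_LEN) == EXPAND_FAULT_PTR) ok |= 8;
    return ok;
}
```

Scenario 4 is the unprotected baseline: a plain expansion of a seed with one flipped bit returns without error and yields different key material, which is exactly the silent failure the guarded variant converts into an explicit fault code. On a real Cortex-M build the complement copies should live in separate memory regions, the checks should be compiled without the optimizer folding them away (volatile accesses or compiler barriers), and detection should feed a device-level response such as a reset or a tamper counter rather than a plain return code.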
Affected Countries
United States, Germany, Japan, South Korea, China, France, United Kingdom, Israel, Taiwan, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: wolfSSL
- Date Reserved: 2026-03-03T22:56:47.976Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69bc42d8e32a4fbe5fe8af3f
Added to database: 3/19/2026, 6:39:20 PM
Last enriched: 3/26/2026, 7:28:22 PM
Last updated: 5/2/2026, 3:22:47 PM