The vulnerability in wolfSSL's X509_verify_cert() function arises from improper handling of caller-supplied untrusted intermediate certificates in builds compiled with --enable-opensslextra. The verifier temporarily loads these untrusted intermediates into the certificate manager but fails to remove them before checking against the trusted store. Consequently, an attacker can present a certificate chain that does not reach a legitimate trust anchor but is still accepted because the untrusted intermediate is incorrectly treated as a trust anchor. This bypass affects certificate verification independent of TLS and is not limited by key type or algorithm. The default wolfSSL TLS handshake is unaffected; only applications performing manual or deferred verification via this API with session certificates enabled are vulnerable.

An attacker can cause the acceptance of a malicious certificate by bypassing the trust-chain validation, potentially undermining the security of certificate-based authentication and signature verification in affected applications. This can lead to acceptance of attacker-controlled certificates in contexts such as S/MIME, CMS, code or firmware signing, and JWT validation. Native wolfSSL TLS handshakes and default peer verification remain secure, limiting the impact to specific usage scenarios.

No official patch or fix is currently confirmed. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Users should avoid using wolfSSL builds with --enable-opensslextra for certificate verification involving caller-supplied untrusted intermediates until a fix is available. Applications relying on manual or deferred peer verification with session certificates enabled should review their usage and consider alternative verification methods or disabling the vulnerable configuration. Monitor vendor advisories for updates and patches.