Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.

Basic Information

ID CVE-2026-6986

Source VulDB

Published Apr 25, 2026 at 16:30

Affected Product

Vendor Cesanta

Product Mongoose

Version 7.0

Affected Versions Cesanta Mongoose 7.0
Cesanta Mongoose 7.1
Cesanta Mongoose 7.2
Cesanta Mongoose 7.3
Cesanta Mongoose 7.4
Cesanta Mongoose 7.5
Cesanta Mongoose 7.6
Cesanta Mongoose 7.7
Cesanta Mongoose 7.8
Cesanta Mongoose 7.9
Cesanta Mongoose 7.10
Cesanta Mongoose 7.11
Cesanta Mongoose 7.12
Cesanta Mongoose 7.13
Cesanta Mongoose 7.14
Cesanta Mongoose 7.15
Cesanta Mongoose 7.16
Cesanta Mongoose 7.17
Cesanta Mongoose 7.18
Cesanta Mongoose 7.19
Cesanta Mongoose 7.20

CWE Classification

CWE-347 CWE-345

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.",
    "published": "2026-04-25T16:30:13.067Z",
    "modified": "2026-04-25T16:30:13.067Z",
    "type": "cve",
    "title": "Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359529\nhttps://vuldb.com/vuln/359529/cti\nhttps://vuldb.com/submit/796231\nhttps://github.com/dwBruijn/CVEs/blob/main/Mongoose/AESGCM.md\nhttps://github.com/cesanta/mongoose/releases/tag/7.21",
    "id": "CVE-2026-6986",
    "bulletinFamily": "",
    "cwe": [
        "CWE-347",
        "CWE-345"
    ],
    "cvelist": null,
    "sourceData": "Cesanta Mongoose 7.0\nCesanta Mongoose 7.1\nCesanta Mongoose 7.2\nCesanta Mongoose 7.3\nCesanta Mongoose 7.4\nCesanta Mongoose 7.5\nCesanta Mongoose 7.6\nCesanta Mongoose 7.7\nCesanta Mongoose 7.8\nCesanta Mongoose 7.9\nCesanta Mongoose 7.10\nCesanta Mongoose 7.11\nCesanta Mongoose 7.12\nCesanta Mongoose 7.13\nCesanta Mongoose 7.14\nCesanta Mongoose 7.15\nCesanta Mongoose 7.16\nCesanta Mongoose 7.17\nCesanta Mongoose 7.18\nCesanta Mongoose 7.19\nCesanta Mongoose 7.20",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Mongoose",
    "version": "7.0",
    "vendor": "Cesanta",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification_CVE-2026-6986