CVE-2026-34872
Mbed · Mbed TLS / TF-PSA-Crypto
Improper input validation in Mbed TLS FFDH allows attackers to force shared secrets into a small set of values, compromising protocols that rely on contributory behavior.
Executive summary
Mbed TLS and TF-PSA-Crypto suffer from a cryptographic flaw in Finite-Field Diffie-Hellman (FFDH) that allows attackers to manipulate shared secrets, potentially compromising non-TLS encrypted sessions.
Vulnerability
A lack of contributory behavior in FFDH due to improper input validation allows a peer or an active network attacker to force the shared secret into a small, predictable set of values. While TLS itself is not affected, other protocols relying on FFDH contributory behavior are vulnerable.
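As an added illustration (not code from this advisory or from Mbed TLS / TF-PSA-Crypto), the public-value validation that gives FFDH its contributory property, shown beside an unchecked form on a constructed toy group. The check is the generic range-and-subgroup test in the style of NIST SP 800-56A, not a description of the specific library code path, and the group parameters are assumed for the demo.

```python
import secrets

# Constructed demo group (not from the advisory): a small safe prime p = 2q + 1
# with q prime, and g = 4 generating the order-q subgroup of quadratic residues.
# Real deployments use RFC 7919 groups (ffdhe2048 and up); the checks are identical.
P = 1019
Q = (P - 1) // 2   # 509, prime
G = 4


def validate_dh_public_value(y: int) -> bool:
    """Full public-value validation in the style of NIST SP 800-56A / RFC 2631.

    The range check rejects 0, 1 and p-1, the values of order 1 or 2 that let the
    sender dictate the shared secret; the subgroup check rejects anything outside
    the prime-order subgroup generated by g.
    """
    if not 1 < y < P - 1:
        return False
    return pow(y, Q, P) == 1


def dh_keypair() -> tuple[int, int]:
    """Honest party: private x in [1, q-1], public y = g^x mod p."""
    x = 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P)


def shared_secret_unchecked(peer_public: int, my_private: int) -> int:
    """A library that skips validation accepts any peer value as-is."""
    return pow(peer_public, my_private, P)


def shared_secret_checked(peer_public: int, my_private: int) -> int:
    """Hardened form: refuse to complete the exchange on a degenerate peer value."""
    if not validate_dh_public_value(peer_public):
        raise ValueError("peer DH public value failed validation")
    return pow(peer_public, my_private, P)


def reachable_secrets(peer_public: int, trials: int = 200) -> set[int]:
    """Distinct secrets the honest side can end up with for one fixed peer value.

    For an honest peer value this grows with the number of trials; for 0, 1 or
    p-1 it collapses to at most two values, which is the loss of contributory
    behaviour the advisory describes.
    """
    return {shared_secret_unchecked(peer_public, dh_keypair()[0]) for _ in range(trials)}
```

Running `reachable_secrets` on 0, 1 and P - 1 shows the collapsed secret sets, while `shared_secret_checked` refuses those inputs before any secret is derived.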
Business impact
This vulnerability has a CVSS score of 9.1. For custom protocols or non-TLS implementations using these libraries, the flaw could lead to the total decryption of sensitive communications or successful man-in-the-middle attacks.
Remediation
Immediate Action: Update to the latest patched versions of Mbed TLS or TF-PSA-Crypto to ensure proper input validation and contributory behavior in FFDH operations.
Proactive Monitoring: Audit any custom cryptographic implementations that use these libraries to determine if they rely on the contributory properties of FFDH.
Compensating Controls: Transition to Elliptic Curve Diffie-Hellman (ECDH) where possible, as it is generally more robust against these types of cryptographic manipulation attacks.
Exploitation status
Public Exploit Available: No
Analyst recommendation
While the impact on standard TLS is minimal, the critical CVSS score reflects the risk to other applications. Developers should update their libraries immediately to maintain the cryptographic integrity of their systems.