CVE-2025-54764

Alias:

Overview

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date: October 20, 2025

Authentication required: NoneYes

Attack Vector: None