CVE-2026-42766: OpenSSL CMS NULL Pointer Denial of Service
A flaw in OpenSSL's CMS (Cryptographic Message Syntax) password decryption logic allows an attacker to crash applications by sending specially crafted encrypted messages. The vulnerability stems from the code not properly checking whether an optional field exists before using it, resulting in a null pointer crash and service disruption.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.9 MEDIUM · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Weaknesses (CWE)
- CWE-476
- Affected products
- 2 configuration(s)
- Published / Modified
- 2026-06-09 / 2026-06-17
NVD description (verbatim)
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
6 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-42766 is a NULL pointer dereference in OpenSSL's CMS PasswordRecipientInfo implementation. The ASN.1 specification defines the keyDerivationAlgorithm field as OPTIONAL within PasswordRecipientInfo, but the OpenSSL CMS decryption routine dereferences this field without validating its presence first. An attacker crafting a CMS message with an absent keyDerivationAlgorithm can trigger a null pointer dereference during password-based decryption, causing process termination. The vulnerability affects non-FIPS code paths; FIPS modules in versions 4.0, 3.6, 3.5, 3.4, and 3.0 are unaffected because the vulnerable code lies outside the FIPS module boundary.
Business impact
Services relying on password-protected CMS message processing face denial-of-service risk. An unauthenticated attacker can cause application crashes by delivering a malicious CMS message, disrupting availability without requiring special network conditions or user interaction. Organizations in regulated sectors managing encrypted communications via CMS should assess exposure. The CVSS score of 5.9 (MEDIUM severity) reflects high availability impact but no confidentiality or integrity breach.
Affected systems
OpenSSL libraries are affected when used in applications that process password-encrypted CMS messages. The vulnerability is specific to non-FIPS OpenSSL builds. FIPS-validated modules (versions 4.0, 3.6, 3.5, 3.4, and 3.0) are explicitly not affected. Organizations should identify applications using OpenSSL's CMS API with password-based decryption capabilities.
Exploitability
Exploitation requires crafting a valid CMS message structure with an absent keyDerivationAlgorithm field and delivering it to a vulnerable application. The CVSS vector (AV:N/AC:H/PR:N/UI:N/S:U) indicates network accessibility but high attack complexity, meaning the attacker must satisfy specific conditions (correct ASN.1 structure, application actually processing CMS). No public exploit code or KEV status indicates this remains a lower-priority threat compared to easily weaponizable flaws, though proof-of-concept may emerge as awareness spreads.
Remediation
Apply OpenSSL security patches addressing CVE-2026-42766 (verify specific versions against the official OpenSSL advisory). For organizations unable to patch immediately, implement network controls restricting untrusted CMS message ingestion, disable password-based CMS decryption if functionally unnecessary, or isolate affected services. FIPS users are not required to act unless running non-FIPS OpenSSL variants in the same environment.
Patch guidance
Consult the OpenSSL security advisory for CVE-2026-42766 to identify patched versions applicable to your deployment (verify against vendor releases, as patch versions are not specified in this summary). Standard practice involves applying the earliest maintenance release containing the fix within your currently deployed major version branch. Test patches in non-production environments before rolling out broadly, particularly if your organization relies heavily on CMS-based encrypted workflows. Verify that both application code and bundled OpenSSL libraries receive updates.
Detection guidance
Monitor application logs and crash dumps for segmentation faults or access violations occurring during CMS decryption operations. Implement network-level inspection for CMS messages (typically within PKCS#7 or S/MIME structures) with missing or malformed keyDerivationAlgorithm fields. Endpoint Detection and Response (EDR) tools should flag unexpected terminations of services known to process CMS-encrypted data. Organizations using OpenSSL diagnostics can enable debug symbols to correlate crashes to the vulnerable code path; however, remediation via patching remains the primary mitigation.
Why prioritize this
This vulnerability merits medium priority for most organizations. While the CVSS score is 5.9, the high attack complexity and absence of exploitation in the wild (no KEV status) suggest lower immediate risk. However, organizations with CMS-heavy workflows—such as those handling secure email, legacy PKI systems, or cryptographic service providers—should prioritize patching. The flaw is trivial to understand and patch, making swift remediation feasible and cost-effective.
Risk score, explained
CVSS 5.9 (MEDIUM) reflects a denial-of-service impact without confidentiality or integrity consequences. The attack vector is network-based (AV:N), but attack complexity is high (AC:H), meaning the attacker must craft valid CMS structures. Privileges and user interaction are not required (PR:N/UI:N), and the scope is unchanged (S:U). The high availability impact (A:H) drives the score above 5.0. Organizations with mission-critical CMS processing or risk-averse compliance postures may elevate this to 'high' priority locally; others may defer behind critical and high-severity issues.
Frequently asked questions
Does this vulnerability affect FIPS-validated OpenSSL modules?
No. OpenSSL's FIPS modules in versions 4.0, 3.6, 3.5, 3.4, and 3.0 are explicitly unaffected because the vulnerable code lies outside the FIPS module boundary. Organizations relying solely on FIPS-validated builds do not need to address this issue.
Can an attacker gain unauthorized access or steal data via this vulnerability?
No. The vulnerability causes a denial-of-service crash only. It does not permit confidentiality or integrity breaches—attackers cannot decrypt messages or modify data. The impact is limited to availability disruption.
What kinds of applications are at risk?
Applications that use OpenSSL's CMS API to decrypt password-protected messages are at risk. This includes secure email clients (S/MIME), encrypted document processors, cryptographic hardware appliances, and legacy PKI systems. General-purpose applications not processing password-encrypted CMS structures are unlikely to be affected.
Is there a way to mitigate this without patching OpenSSL?
Network-level controls can restrict CMS message sources, and disabling password-based CMS decryption (if supported by the application) eliminates the vulnerable code path. However, these are temporary measures. Patching remains the recommended solution.
This analysis is based on publicly disclosed vulnerability information current as of the publication date. Patch availability, affected product versions, and remediation timelines should be verified against official OpenSSL security advisories and vendor communications. Organizations should conduct their own risk assessment based on actual deployment configurations. This summary does not constitute legal, compliance, or procurement advice. SEC.co provides this material for informational purposes and assumes no liability for decisions made in reliance on it. Source: NVD (public-domain), retrieved 2026-07-15. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-42767MEDIUMOpenSSL CMP NULL Pointer Dereference Denial of Service
- CVE-2026-42764HIGHOpenSSL QUIC Server NULL Pointer Denial of Service Vulnerability
- CVE-2026-42765HIGHOpenSSL NULL Pointer Dereference in OCSP Certificate Chain Verification
- CVE-2025-60477MEDIUMMP4Box NULL Pointer Dereference Denial of Service
- CVE-2025-60481MEDIUMGPAC MP4Box NULL Pointer DoS Vulnerability (v26.02.0 Patch)
- CVE-2025-60483MEDIUMMP4Box AC4 Parser NULL Pointer DoS Vulnerability
- CVE-2025-60485MEDIUMMP4Box Segmentation Fault DoS Vulnerability (GPAC < 26.02.0)
- CVE-2025-60495MEDIUMMP4Box Segmentation Fault DoS Vulnerability – Patching Guide