CVE-2026-6458 | Missing cryptographic step in Caliptra Core Firmware (aes_25… | CVSS 5.1 MEDIUM

Description

Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext. Ciphertext produced by that call may be modified without the tag reflecting the change. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0.

Metadata

CVE ID: CVE-2026-6458
State: PUBLISHED
Assigner: Caliptra
Reserved: 2026-04-16 21:11 UTC
Published: 2026-06-23 23:49 UTC
Last updated: 2026-06-24 13:15 UTC
Primary CWE: CWE-325
CWE-325 Missing Cryptographic Step
Vendor / Product: Caliptra / Core Runtime Firmware
Sources: cve.org · NVD

Severity & Metrics

5.1 MEDIUM CVSS 4.0

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: partial

Affected products (1)

Vendor	Product	Platform	Versions
Caliptra	Core Runtime Firmware	—	2.0.0 ≤ 2.0.1, 2.1.0, 2.0.2, 2.1.1

Weakness (CWE)

CWE	Source	Description
CWE-325	cna	CWE-325 Missing Cryptographic Step

CVSS scores (1)

Score	Severity	Version	Source	Vector
5.1	MEDIUM	4.0	cna	CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

References (1)

https://github.com/chipsalliance/caliptra-sw/security/advisories/GHSA-834g-h5x6-2hqr