Mallory
Medium

Trust-Anchor Substitution in OpenSSL CMP rootCaKeyUpdate Handling

Identifiers: CVE-2026-42769 · CWE-295 (Improper Certificate Validation)

CVE-2026-42769 is a low-severity certificate validation flaw in OpenSSL's Certificate Management Protocol (CMP) handling of root CA key rollover messages of type id-it-rootCaKeyUpdate. When processing such a message via OSSL_CMP_get1_rootCaKeyUpdate(), OpenSSL is expected to validate the newWithOld certificate, which carries the new root CA certificate signed by the old root CA key and is the element that transfers trust from the old root CA to the new one. Due to a typo in the certificate chain building logic, the code adds the wrong certificate to the chain (newWithOld instead of oldRoot), rendering the signature verification ineffective. As a result, only limited properties such as the issuer name and algorithm OIDs are checked by other code paths, and the trust transition itself is never properly validated. An attacker who already possesses CMP credentials sufficient to satisfy message protection checks at the Registration Authority (RA) level can craft an id-it-rootCaKeyUpdate message containing an arbitrary self-signed root certificate and cause affected CMP clients to accept it as a new trust anchor.
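To make the missing check concrete, the following added example (not OpenSSL's code, and not from the advisory) shows what a CMP client must establish before accepting a rootCaKeyUpdate: that newWithOld is signed by the old root's key, that it certifies the same key and subject as the proposed new root, and that the new root is self-signed with that key. It also shows the weaker name-and-algorithm comparison that is all that remains when the signature step is neutralised, and why a forged self-signed root passes it. It assumes the `cryptography` package; all certificates are generated in memory as constructed test data, and the function names (`validate_root_ca_key_update`, `name_and_algorithm_only`, `demo`) are hypothetical.

```python
"""Added example: trust-transition checks for a CMP rootCaKeyUpdate bridge cert.
Not OpenSSL's implementation; assumes the `cryptography` package and uses
constructed, in-memory certificates."""
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID


def _name(common_name):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])


def _make_cert(subject_cn, issuer_cn, subject_key, signing_key):
    # Constructed CA certificate with a one-year validity window.
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (
        x509.CertificateBuilder()
        .subject_name(_name(subject_cn))
        .issuer_name(_name(issuer_cn))
        .public_key(subject_key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(days=1))
        .not_valid_after(now + datetime.timedelta(days=365))
        .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
    )
    return builder.sign(signing_key, hashes.SHA256())


def _spki(cert):
    # DER SubjectPublicKeyInfo, used to compare the keys two certs carry.
    return cert.public_key().public_bytes(
        serialization.Encoding.DER, serialization.PublicFormat.SubjectPublicKeyInfo)


def _signed_by(cert, signer):
    # True if `cert`'s signature verifies under the key in `signer` (EC keys only here).
    try:
        signer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                   ec.ECDSA(cert.signature_hash_algorithm))
        return True
    except InvalidSignature:
        return False


def validate_root_ca_key_update(old_root, new_with_old, new_root):
    """Return (ok, reason). ok is True only if newWithOld is a valid bridge
    from the currently trusted old_root to the proposed new_root."""
    if new_with_old.issuer != old_root.subject:
        return False, "issuer mismatch"
    # The check that the chain-building typo defeated: the bridge certificate
    # must be verified against the OLD root, not against itself.
    if not _signed_by(new_with_old, old_root):
        return False, "signature not made by old root key"
    if _spki(new_with_old) != _spki(new_root):
        return False, "new root key differs from key certified by old root"
    if new_with_old.subject != new_root.subject:
        return False, "subject mismatch"
    if not _signed_by(new_root, new_root):
        return False, "new root is not self-signed"
    return True, "ok"


def name_and_algorithm_only(old_root, new_with_old):
    # What survives once signature verification is ineffective: issuer name
    # and algorithm OIDs. Anything that copies those two values passes.
    return (new_with_old.issuer == old_root.subject
            and new_with_old.signature_algorithm_oid == old_root.signature_algorithm_oid)


def demo():
    old_key, new_key, rogue_key = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
    cn = "Example Root CA"  # constructed name; kept across the legitimate rollover
    old_root = _make_cert(cn, cn, old_key, old_key)
    new_root = _make_cert(cn, cn, new_key, new_key)
    new_with_old = _make_cert(cn, cn, new_key, old_key)     # new key, old signature
    # A rollover message built from a self-signed root that merely mimics the
    # old root's issuer name and signature algorithm, never its key.
    rogue_root = _make_cert(cn, cn, rogue_key, rogue_key)
    rogue_bridge = _make_cert(cn, cn, rogue_key, rogue_key)
    return {
        "legit": validate_root_ca_key_update(old_root, new_with_old, new_root),
        "rogue": validate_root_ca_key_update(old_root, rogue_bridge, rogue_root),
        "rogue_passes_weak_check": name_and_algorithm_only(old_root, rogue_bridge),
    }


if __name__ == "__main__":
    print(demo())
```

The point of the two result rows in `demo()` is the contrast: the full check rejects the rogue bridge at the signature step, while the name-and-OID comparison accepts it, which is exactly the residual behaviour the advisory describes for affected versions.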


Analyst brief: impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows an attacker with valid RA-level CMP credentials to substitute the trusted root CA certificate used by affected CMP clients. This effectively escalates authority from the Registration Authority level to root CA trust level, enabling trust-anchor replacement with an attacker-controlled root certificate. The practical consequence is compromise of the client trust model for CMP-managed PKI operations, potentially allowing issuance trust subversion, acceptance of attacker-controlled certification paths, and broader credential or identity trust compromise. The issue was assessed as low severity because exploitation requires pre-existing valid RA-level credentials. The OpenSSL FIPS modules are not affected because the vulnerable code is outside the FIPS module boundary.

Mitigation

If you can’t patch tonight, do this now.

No complete workaround is provided in the advisory content. Until patches are deployed, reduce exposure by tightly restricting and protecting RA-level CMP credentials, limiting which entities are authorized to send CMP root CA rollover messages, disabling or avoiding CMP rootCaKeyUpdate processing where operationally feasible, and monitoring for unexpected or suspicious id-it-rootCaKeyUpdate messages or root trust-anchor changes on CMP clients. Because exploitation depends on valid CMP message protection credentials, strong credential hygiene and access control for RA functions materially reduce risk.

Remediation

Patch, then assume compromise.

Upgrade OpenSSL to a fixed vendor release that corrects verification of the newWithOld certificate in OSSL_CMP_get1_rootCaKeyUpdate(). The provided content indicates fixes were included in OpenSSL 4.0.1, 3.6.3, 3.5.7, 3.4.6, and 3.0.21, with downstream vendors also shipping patched packages. Apply the appropriate vendor update for the affected OpenSSL branch and redeploy or restart dependent applications as required by the platform.

Public exploits


No public exploit code observed for this vulnerability.

Exposure surface: affected products & vendors

Products and vendors Mallory has correlated with this vulnerability.

Vendor                        Product   Type
Freebsd                       Freebsd   application
OpenSSL Software Foundation   Openssl   application

Vendor-confirmed product mapping.
