Technical Advisory – wolfSSL TLS 1.3 Client Man-in-the-Middle Attack (CVE-2020-24613)

research.nccgroup.com – wolfSSL is a C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments. wolfSSL incorrectly implements the TLS 1.3 client state machine. This allows attackers in a privileged …

Tweeted by @TheHackersNews https://twitter.com/TheHackersNews/status/1311715760436252677