Timing Side Channel Vulnerability in X25519 Implementations on ESP32 Chips
CVE-2025-12888

Key Information:

Vendor: wolfSSL
Status: Vendor
CVE Published: 21 November 2025

What is CVE-2025-12888?

A vulnerability exists in the constant-time X25519 cryptographic implementations that can expose them to timing side-channel attacks. The issue arises from compiler optimizations and from limitations inherent in the CPU architecture of Xtensa-based ESP32 chips. Users targeting these chips are strongly advised to use the low-memory implementation of X25519, which has been set as the default for Xtensa, to mitigate the associated risk.

Affected Version(s)

wolfSSL 5.8.2

CVSS V4

Score: 1
Severity: LOW
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Physical
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Adrian Cinal