Default Cryptographic Key Vulnerability in Erlang/OTP SSL DTLS Server
CVE-2026-54887
What is CVE-2026-54887?
A vulnerability in the Erlang/OTP DTLS server's implementation can lead to predictable cookie generation during the startup phase. When the DTLS server initializes, it incorrectly sets the previous cookie secret to an empty binary instead of a secure random value. This deterministic behavior allows an attacker, upon observing the plaintext ClientHello message, to craft a valid DTLS cookie and bypass the source address verification for a limited period following server startup. Consequently, this can enable DTLS handshake amplification attacks with spoofed addresses, leading to potential denial-of-service scenarios.
Affected Version(s)
OTP 8.2
OTP 20.0
OTP e594aad2f87aab39e99fccf9e021bc94e0bbf7d4 < 888e3bcd72d5406016b9e0de741026bc2a6f114d
References
CVSS V4
Timeline
Vulnerability published
Vulnerability Reserved
