Listen to this Post
CVE-2026-6550 arises from a cryptographic algorithm downgrade in the caching layer of the AWS Encryption SDK (ESDK) for Python. The issue occurs when two ESDK clients with different key‑commitment policies share a single `CachingCryptoMaterialsManager` instance within the same process. If the client configured with the weaker policy (e.g., FORBID_ENCRYPT_ALLOW_DECRYPT) encrypts data first, it populates the cache with encryption materials that do not enforce key commitment. A second client that is configured to require key commitment (e.g., REQUIRE_ENCRYPT_REQUIRE_DECRYPT) later requests encryption materials from the same cache. Because the cache already contains materials from the weaker policy, the stronger client is served those cached materials instead of generating fresh ones that would satisfy its own commitment policy. This results in encryption without key commitment, violating the property that a ciphertext must be decryptable to only one plaintext. Consequently, the same ciphertext can be validly decrypted to different plaintexts under different keys – the “Invisible Salamanders” attack (GHSA‑wqgp‑vphw‑hphf). An authenticated local attacker who controls the ciphertext can cause a recipient to decrypt a message that is different from what the sender originally encrypted, thereby breaking message integrity. The vulnerability requires that both clients use matching encryption contexts and the pre‑configured default algorithm suite. This scenario typically arises during a migration from ESDK for Python v1 (which lacked key‑commitment support) to newer versions. The issue affects versions 2.0‑2.5.1, 3.0‑3.3.0, and 4.0‑4.0.4, and is fixed in versions 3.3.1 and 4.0.5.
dailycve form:
Platform: AWS Encryption SDK
Version: 2.0-2.5.1,3.0-3.3.0,4.0-4.0.4
Vulnerability: Algorithm downgrade bypass
Severity: Medium (5.7)
Date: 20 Apr 2026
Prediction: 20 April 2026
What Undercode Say:
Check currently installed version pip show aws-encryption-sdk | grep Version Upgrade to a fixed version (3.3.1 or 4.0.5) pip install --upgrade aws-encryption-sdk
Vulnerable cache sharing example from aws_encryption_sdk import EncryptionSDKClient, CommitmentPolicy from aws_encryption_sdk.caching import CachingCryptoMaterialsManager from aws_encryption_sdk.caching.crypto_materials_cache import LocalCryptoMaterialsCache Shared cache instance cache = LocalCryptoMaterialsCache(capacity=100) caching_cmm = CachingCryptoMaterialsManager(cache=cache) Client with weaker policy weak_client = EncryptionSDKClient( commitment_policy=CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT ) Client that requires key commitment strong_client = EncryptionSDKClient( commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT ) Weak client encrypts first → cache polluted with non‑committing materials weak_ciphertext = weak_client.encrypt( source=b"secret", materials_manager=caching_cmm ) Strong client reuses the cached weak materials → key commitment bypassed decrypted = strong_client.decrypt( source=weak_ciphertext, materials_manager=caching_cmm )
Exploit:
An authenticated local attacker who can control the ciphertext and co‑opt the shared cache can poison it with materials from a weaker commitment policy. When a stronger‑policy client later uses the same cache, it unknowingly performs encryption without key commitment, allowing the attacker to present a ciphertext that decrypts to multiple valid plaintexts under different keys.
Protection from this CVE
- Upgrade to ESDK for Python version 3.3.1, 4.0.5, or later.
- Never share a `CachingCryptoMaterialsManager` among clients that have different key‑commitment policies.
- Use key‑committing algorithm suites (the default in fixed versions) to enforce cryptographic binding between the ciphertext and the encryption key.
Impact:
Breaking message integrity – the attacker can cause a recipient to decrypt a message different from the one the sender intended. This undermines the confidentiality and authenticity guarantees of the encryption library and can lead to data‑corruption or misrouting of sensitive information.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

