AWS Encryption SDK for Python, Algorithm Downgrade via Shared Key Cache, CVE-2026-6550 (medium)

Listen to this Post

CVE-2026-6550 arises from a cryptographic algorithm downgrade in the caching layer of the AWS Encryption SDK (ESDK) for Python. The issue occurs when two ESDK clients with different key‑commitment policies share a single `CachingCryptoMaterialsManager` instance within the same process. If the client configured with the weaker policy (e.g., FORBID_ENCRYPT_ALLOW_DECRYPT) encrypts data first, it populates the cache with encryption materials that do not enforce key commitment. A second client that is configured to require key commitment (e.g., REQUIRE_ENCRYPT_REQUIRE_DECRYPT) later requests encryption materials from the same cache. Because the cache already contains materials from the weaker policy, the stronger client is served those cached materials instead of generating fresh ones that would satisfy its own commitment policy. This results in encryption without key commitment, violating the property that a ciphertext must be decryptable to only one plaintext. Consequently, the same ciphertext can be validly decrypted to different plaintexts under different keys – the “Invisible Salamanders” attack (GHSA‑wqgp‑vphw‑hphf). An authenticated local attacker who controls the ciphertext can cause a recipient to decrypt a message that is different from what the sender originally encrypted, thereby breaking message integrity. The vulnerability requires that both clients use matching encryption contexts and the pre‑configured default algorithm suite. This scenario typically arises during a migration from ESDK for Python v1 (which lacked key‑commitment support) to newer versions. The issue affects versions 2.0‑2.5.1, 3.0‑3.3.0, and 4.0‑4.0.4, and is fixed in versions 3.3.1 and 4.0.5.

dailycve form:

Platform: AWS Encryption SDK
Version: 2.0-2.5.1,3.0-3.3.0,4.0-4.0.4
Vulnerability: Algorithm downgrade bypass
Severity: Medium (5.7)
Date: 20 Apr 2026

Prediction: 20 April 2026

What Undercode Say:

Check currently installed version
pip show aws-encryption-sdk | grep Version
Upgrade to a fixed version (3.3.1 or 4.0.5)
pip install --upgrade aws-encryption-sdk
Vulnerable cache sharing example
from aws_encryption_sdk import EncryptionSDKClient, CommitmentPolicy
from aws_encryption_sdk.caching import CachingCryptoMaterialsManager
from aws_encryption_sdk.caching.crypto_materials_cache import LocalCryptoMaterialsCache
Shared cache instance
cache = LocalCryptoMaterialsCache(capacity=100)
caching_cmm = CachingCryptoMaterialsManager(cache=cache)
Client with weaker policy
weak_client = EncryptionSDKClient(
commitment_policy=CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT
)
Client that requires key commitment
strong_client = EncryptionSDKClient(
commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
)
Weak client encrypts first → cache polluted with non‑committing materials
weak_ciphertext = weak_client.encrypt(
source=b"secret",
materials_manager=caching_cmm
)
Strong client reuses the cached weak materials → key commitment bypassed
decrypted = strong_client.decrypt(
source=weak_ciphertext,
materials_manager=caching_cmm
)

Exploit:

An authenticated local attacker who can control the ciphertext and co‑opt the shared cache can poison it with materials from a weaker commitment policy. When a stronger‑policy client later uses the same cache, it unknowingly performs encryption without key commitment, allowing the attacker to present a ciphertext that decrypts to multiple valid plaintexts under different keys.

Protection from this CVE

  • Upgrade to ESDK for Python version 3.3.1, 4.0.5, or later.
  • Never share a `CachingCryptoMaterialsManager` among clients that have different key‑commitment policies.
  • Use key‑committing algorithm suites (the default in fixed versions) to enforce cryptographic binding between the ciphertext and the encryption key.

Impact:

Breaking message integrity – the attacker can cause a recipient to decrypt a message different from the one the sender intended. This undermines the confidentiality and authenticity guarantees of the encryption library and can lead to data‑corruption or misrouting of sensitive information.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top