No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
Mitsubishi Electric to Acquire Nozomi Networks
Read the News
This white paper investigates the built-in TLS (Transport Layer Security) stack of the Mongoose Web Server Library—a lightweight but widely used solution for secure communications. By leveraging advanced fuzz-testing methodologies, including state-of-the-art tools like AFL++, Nozomi Networks Labs tackled the challenges posed by a complex, stateful protocol and uncovered ten critical vulnerabilities. These flaws allow a remote attacker to send a carefully crafted TLS packet that can crash devices or make them completely unresponsive.
This research was presented at No Hat in October 2025.
This white paper investigates the built-in TLS (Transport Layer Security) stack of the Mongoose Web Server Library—a lightweight but widely used solution for secure communications. By leveraging advanced fuzz-testing methodologies, including state-of-the-art tools like AFL++, Nozomi Networks Labs tackled the challenges posed by a complex, stateful protocol and uncovered ten critical vulnerabilities. These flaws allow a remote attacker to send a carefully crafted TLS packet that can crash devices or make them completely unresponsive.
This research was presented at No Hat in October 2025.
This white paper investigates the built-in TLS (Transport Layer Security) stack of the Mongoose Web Server Library—a lightweight but widely used solution for secure communications. By leveraging advanced fuzz-testing methodologies, including state-of-the-art tools like AFL++, Nozomi Networks Labs tackled the challenges posed by a complex, stateful protocol and uncovered ten critical vulnerabilities. These flaws allow a remote attacker to send a carefully crafted TLS packet that can crash devices or make them completely unresponsive.
This research was presented at No Hat in October 2025.
This white paper investigates the built-in TLS (Transport Layer Security) stack of the Mongoose Web Server Library—a lightweight but widely used solution for secure communications. By leveraging advanced fuzz-testing methodologies, including state-of-the-art tools like AFL++, Nozomi Networks Labs tackled the challenges posed by a complex, stateful protocol and uncovered ten critical vulnerabilities. These flaws allow a remote attacker to send a carefully crafted TLS packet that can crash devices or make them completely unresponsive.
This research was presented at No Hat in October 2025.
This white paper investigates the built-in TLS (Transport Layer Security) stack of the Mongoose Web Server Library—a lightweight but widely used solution for secure communications. By leveraging advanced fuzz-testing methodologies, including state-of-the-art tools like AFL++, Nozomi Networks Labs tackled the challenges posed by a complex, stateful protocol and uncovered ten critical vulnerabilities. These flaws allow a remote attacker to send a carefully crafted TLS packet that can crash devices or make them completely unresponsive.
This research was presented at No Hat in October 2025.
