The FREAK Attack exploits legacy SSL cipher suites from the 1990s that use RSA export keys. By definition a server in export mode has to use a low bit strength RSA key (512 bits or less), which can now be cracked in around 12 hours. Even if a client supports export cipher suites but doesn’t broadcast support for them a man in the middle attacker can force the server to use the low grade key. Fortunately for wolfSSL and CyaSSL users we do no support export cipher suites and key derivation. No versions of wolfSSL or CyaSSL are vulnerable to the FREAK attack. For more information check out: https://freakattack.com and https://www.smacktls.com/#freak .
Or feel free to visit our website at wolfssl.com or email us at facts@wolfssl.com .