An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. CREATE(Triage):(User=admin) CVE-2020-36476 (https://nvd.nist.gov/vuln/detail/CVE-2020-36476)