An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. CREATE(Triage):(User=admin) CVE-2020-36425 (https://nvd.nist.gov/vuln/detail/CVE-2020-36425)