diff --git a/handshake_messages.go b/handshake_messages.go
index 1a75ca7..33e1085 100644
--- a/handshake_messages.go
+++ b/handshake_messages.go
@@ -1098,7 +1098,11 @@ func (m *serverHelloMsg) unmarshal(data []byte) alert {
 		if m.vers != VersionTLS12 {
 			return alertDecodeError
 		}
-		m.vers = uint16(svData[0])<<8 | uint16(svData[1])
+		rcvVer := binary.BigEndian.Uint16(svData[0:])
+		if rcvVer < VersionTLS13 {
+			return alertIllegalParameter
+		}
+		m.vers = rcvVer
 	}
 
 	for len(data) != 0 {