CVE-2023-49316: Phpseclib needs guardrails on large binaryfield integers

Impact Anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc) Patches https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f Workarounds No. Re…

7.5CVSS Score

HIGHSeverity

NOCISA KEV

VulnerabilityImpact Type

📋 Vulnerability Details

CVE ID	CVE-2023-49316
Vendor	composer
Affected Product	phpseclib/phpseclib
Vulnerability Type	Vulnerability
CVSS Score	7.5 (HIGH)
Actively Exploited	❌ No known exploitation
Patch Status	See Vendor Advisory →
Reported By	CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Impact

Anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc)

Patches

https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f

Workarounds

No.

References

https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f https://www.usenix.org/system/files/usenixsecurity25-shi-bing.pdf

🎯 Known Indicators of Compromise

{"type":"sha1","value":"964d78101a70305df33f442f5490f0adb3b7e77f","confidence_score":0.9,"first_seen":"2026-05-08","source_count":1} {"type":"url","value":"https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f","confidence_score":0.82,"first_seen":"2026-05-08","source_count":1} {"type":"url","value":"https://www.usenix.org/system/files/usenixsecurity25-shi-bing.pdf","confidence_score":0.82,"first_seen":"2026-05-08","source_count":1} {"type":"domain","value":"www.usenix.org","confidence_score":0.75,"first_seen":"2026-05-08","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2023-49316 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries

🛡️ Get Detection Pack → 🔌 Access via API →