HomeCVE Intelligence › CVE-2024-27355
CVSS 7.5 HIGH Vulnerability

CVE-2024-27355: phpseclib guardrails needed on OID length

Impact Any application using that loads untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). Patches https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59…

7.5CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2024-27355
Vendorcomposer
Affected Productphpseclib/phpseclib
Vulnerability TypeVulnerability
CVSS Score7.5 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Impact

Any application using that loads untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc).

Patches

https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59

Workarounds

No.

Resources

https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 https://www.usenix.org/system/files/conference/usenixsecurity25/sec25cycle1-prepub-599-shi-bing.pdf

🎯 Known Indicators of Compromise

{"type":"sha1","value":"e32531001b4d62c66c3d824ccef54ffad835eb59","confidence_score":0.9,"first_seen":"2026-05-08","source_count":1} {"type":"url","value":"https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59","confidence_score":0.82,"first_seen":"2026-05-08","source_count":1} {"type":"url","value":"https://www.usenix.org/system/files/conference/usenixsecurity25/sec25cycle1-prepub-599-shi-bing.pdf","confidence_score":0.82,"first_seen":"2026-05-08","source_count":1} {"type":"domain","value":"www.usenix.org","confidence_score":0.75,"first_seen":"2026-05-08","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2024-27355 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence