प्लेटफ़ॉर्म
php
घटक
auth0/auth0-php
में ठीक किया गया
8.0.1
8.14.0
This vulnerability, CVE-2025-47275, affects applications utilizing the Auth0-PHP SDK configured with CookieStore for session storage. An attacker can brute-force authentication tags within session cookies, potentially gaining unauthorized access to user accounts and sensitive data. This issue impacts Auth0-PHP SDK versions up to 8.9.3. A fix is available in version 8.14.0.
The primary impact of CVE-2025-47275 is the potential for unauthorized access to applications relying on the Auth0-PHP SDK. By successfully brute-forcing the authentication tags in session cookies, an attacker can impersonate legitimate users and execute actions on their behalf. This could involve accessing sensitive user data, modifying application configurations, or even gaining control of the entire application. The blast radius extends to any application using the vulnerable SDK and CookieStore configuration, potentially impacting a large number of users and systems. This vulnerability shares similarities with other cookie-based authentication bypasses, where weak or predictable authentication mechanisms are exploited.
CVE-2025-47275 was publicly disclosed on 2025-05-16. The CVSS score of 9.1 (CRITICAL) indicates a high probability of exploitation. While no public proof-of-concept (PoC) code has been released at the time of writing, the vulnerability's nature and severity suggest that a PoC is likely to emerge. It is not currently listed on the CISA KEV catalog.
Applications built with Symfony, Laravel, or WordPress that integrate with Auth0 for authentication and utilize the Auth0-PHP SDK with CookieStore session storage are particularly at risk. Shared hosting environments where multiple applications share the same PHP installation are also vulnerable, as a compromise of one application could potentially expose others.
• php / server:
find /var/www/html -name 'auth0-php' -type d -print0 | xargs -0 grep -i 'CookieStore'• php / server:
journalctl -u php-fpm | grep -i "Auth0-PHP"• generic web: Use a web proxy or browser extension to inspect session cookies for the presence of authentication tags. Look for patterns that could be brute-forced. • generic web: Review application logs for unusual authentication attempts or errors related to session management.
disclosure
एक्सप्लॉइट स्थिति
EPSS
0.08% (24% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation for CVE-2025-47275 is to immediately upgrade the Auth0-PHP SDK to version 8.14.0 or later. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. These might include stricter rate limiting on authentication tag requests, or implementing additional authentication checks within the application logic. Monitor application logs for suspicious activity, particularly unusual authentication attempts. After upgrading, confirm the fix by attempting to reproduce the authentication bypass using a known exploit technique and verifying that it fails.
Auth0-PHP लाइब्रेरी को संस्करण 8.14.0 या उच्चतर में अपडेट करें। एक अतिरिक्त सावधानी के उपाय के रूप में, कुकी एन्क्रिप्शन कुंजियों को घुमाने की अनुशंसा की जाती है। ध्यान रखें कि अपडेट के बाद, पिछली सत्र कुकीज़ अस्वीकार कर दी जाएंगी।
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2025-47275 is a critical vulnerability in Auth0-PHP SDK versions up to 8.9.3 that allows attackers to brute-force authentication tags in session cookies, leading to unauthorized access.
You are affected if you use Auth0-PHP SDK versions ≤8.9.3 and have session storage configured with CookieStore, including applications using Auth0/symfony, Auth0/laravel-auth0, or Auth0/wordpress.
Upgrade Auth0-PHP SDK to version 8.14.0 or later. Consider temporary workarounds like rate limiting if an immediate upgrade is not possible.
While no public exploits are currently known, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted.
Refer to the official Auth0 security advisory for detailed information and updates: [https://auth0.com/docs/security/security-advisories/auth0-php-sdk-authentication-bypass]
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।