Summary
The ChecksumCalculator class within Emissary allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms, while possibly valid for certain non-security-critical tasks, can expose users to security risks if used in scenarios where strong cryptographic guarantees are required.
Requirement from NIST regarding SHA-1
Federal agencies should use SHA-2 or SHA-3 as an alternative to SHA-1.
Further guidance will be available soon. Send questions on the transition to [email protected].
https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm
Mitigation and Fix
Make it clear to developers and users that the ChecksumCalculator is specific to the "Known File Filter" (KFF) document similarity feature and is not intended to suggest or endorse global use as a cryptographically secure hashing or checksum mechanism.
While these specific insecure default algorithms cannot be updated without violating the intended use case, the limitation can be clearly documented, and misuse can be prevented through stricter access modifiers on the ChecksumCalculator class.
Details
Within ChecksumCalculator.java, the following points raise potential security concerns:
SHA-1:
SHA-1 has been widely deprecated for cryptographic purposes due to known collision attacks.
The constructor defaults to "SHA-1" if no specific algorithm is provided.
CRC32:
CRC32 is a simple checksum mechanism, not a cryptographic hash function. It is unsuitable for security-critical integrity checks since it can be easily manipulated or collided.
SSDEEP (Fuzzy Hashing):
SSDEEP is a context-specific tool used for similarity matching and may not be a secure cryptographic function for authentication or tamper detection.
There is no apparent mechanism to prevent developers from using these weaker algorithms in security-sensitive contexts. Users of Emissary who rely on ChecksumCalculator for strong security guarantees (e.g., data integrity or authentication) may be misled into assuming these algorithms provide adequate protection.
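As an added example (not Emissary's own code; the class and method names are hypothetical), this applies the two mitigations above together: a package-private hasher keeps the legacy KFF digest confined to its own package, while a public integrity hasher defaults to SHA-256 and refuses the retired algorithms outright. It assumes Java 17 or later for HexFormat.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.Set;

/** Hypothetical integrity hasher: allowlists strong digests and rejects legacy ones. */
public final class IntegrityHasher {
    // Algorithms accepted for integrity/tamper-detection use (NIST SHA-2 and SHA-3 families).
    private static final Set<String> ALLOWED =
            Set.of("SHA-256", "SHA-384", "SHA-512", "SHA3-256", "SHA3-512");
    private final MessageDigest digest;

    /** The default is explicit and strong (SHA-256), never an implicit legacy choice. */
    public IntegrityHasher() throws NoSuchAlgorithmException {
        this("SHA-256");
    }

    public IntegrityHasher(String algorithm) throws NoSuchAlgorithmException {
        if (!ALLOWED.contains(algorithm)) {
            // Fail closed: SHA-1, MD5, CRC32 and SSDEEP never reach MessageDigest here.
            throw new IllegalArgumentException("not permitted for integrity use: " + algorithm);
        }
        this.digest = MessageDigest.getInstance(algorithm);
    }

    public String hexDigest(byte[] data) {
        return HexFormat.of().formatHex(digest.digest(data)); // digest() resets the instance
    }

    public static void main(String[] args) throws Exception {
        byte[] sample = "constructed sample input".getBytes(StandardCharsets.UTF_8); // constructed
        System.out.println("SHA-256: " + new IntegrityHasher().hexDigest(sample));
        try {
            new IntegrityHasher("SHA-1"); // rejected: collision-prone and retired by NIST
        } catch (IllegalArgumentException e) {
            System.out.println("Rejected: " + e.getMessage());
        }
    }
}

/** Package-private: only code in the KFF similarity package can reach the legacy digest. */
final class KffLegacyHasher {
    private final MessageDigest digest;
    KffLegacyHasher() throws NoSuchAlgorithmException {
        this.digest = MessageDigest.getInstance("SHA-1"); // kept only for KFF dataset compatibility
    }
    String hexDigest(byte[] data) { return HexFormat.of().formatHex(digest.digest(data)); }
}
```

The package-private class cannot be instantiated from outside its package, so callers elsewhere in an application are steered to the allowlisted API rather than silently inheriting a SHA-1 default.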
PoC
The code can be found at https://github.com/NationalSecurityAgency/emissary/blob/main/src/main/java/emissary/kff/ChecksumCalculator.java
Impact
Weakened Security Posture: Applications integrating Emissary may inadvertently use these algorithms in a way that could be exploited (e.g., collisions in SHA-1, trivial collisions in CRC32).
Misleading Assurance: Developers might assume Emissary’s recommended defaults are secure for cryptographic validation, which can result in insecure implementations.
Potential for Collision Attacks: Attackers could craft inputs that yield the same SHA-1 hash or manipulate CRC32 sums, thus bypassing naive integrity checks.
Because this project is produced under the NSA umbrella, users may have an inflated trust in its security posture, potentially leading them to rely on these algorithms in high-security environments without recognizing the associated risks.
The application uses a cryptographic algorithm known to have weaknesses, such as MD5, SHA-1, or DES. Typical impact: compromised confidentiality or integrity of protected data.
CVE-2025-27508 has a CVSS score of 7.5 (High). The vector is network-reachable, no privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (8.24.0); upgrading removes the vulnerable code path.
Kodem intelligence
Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.
Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.
Remediation advice
Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.
Frequently Asked Questions
- What is CVE-2025-27508? CVE-2025-27508 is a high-severity use of a broken or risky cryptographic algorithm vulnerability in gov.nsa.emissary:emissary (maven), affecting versions <= 8.23.0. It is fixed in 8.24.0. The application uses a cryptographic algorithm known to have weaknesses, such as MD5, SHA-1, or DES.
- How severe is CVE-2025-27508? CVE-2025-27508 has a CVSS score of 7.5 (High). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
- Which versions of gov.nsa.emissary:emissary are affected by CVE-2025-27508? gov.nsa.emissary:emissary (maven) versions <= 8.23.0 are affected.
- Is there a fix for CVE-2025-27508? Yes. CVE-2025-27508 is fixed in 8.24.0. Upgrade to this version or later.
- Is CVE-2025-27508 exploitable, and should I be worried? Whether CVE-2025-27508 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
- What actually determines whether CVE-2025-27508 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
- How do I fix CVE-2025-27508? Upgrade gov.nsa.emissary:emissary to 8.24.0 or later.