Two security vulnerabilities have been discovered in the Openssh Secure Networking utility suite. conditions.
The vulnerabilities detailed by the Qualys Threat Research Unit (TRU) are listed below –
CVE-2025-26465-OpenSSH client contains versions 6.8p1-9.9p1 (comprehensive) logic errors that are vulnerable to active MITM attacks when the VerifyHostKeyDNS option is enabled. Client tries to connect to IT (introduced December 2014) CVE-2025-26466- OpenSSH client and server are pre-accepted between versions 9.5p1 and 9.9p1 (comprehensive) causing memory and CPU consumption Vulnerable to DOS attacks (Introduced (Introduced) August 2023)
“If an attacker can perform a midterm attack via CVE-2025-26465, the client can accept the attacker’s key rather than the legal server key,” said Qualys Tru’s product manager One Saeed Abbasi said.
“This destroys the integrity of the SSH connection, allowing for potential interception and tampering with the session before the user can achieve that.”
In other words, successful exploitation allows malicious actors to compromise and hijack SSH sessions, allowing unauthorized access to sensitive data. It is worth noting that the VerifyHostKeyDNS option is disabled by default.
Meanwhile, repeated use of CVE-2025-26466 brings the issue of availability, preventing administrators from managing servers, locking legal users, and effectively crippling daily operations. can.
Both vulnerabilities are addressed in version OpenSSH 9.9p2 released today by OpenSSH maintainer.
This disclosure could result in uncertified remote code execution with root privileges for GLIBC-based Linux systems after Qualys shed light on another Openssh flaw called Regresshion (CVE-2024-6387). there is.
Source link
