72/68 Friday, February 21, 2025
Researchers from the Qualys Threat Research Unit (TRU) have discovered two vulnerabilities in OpenSSH that could allow attackers to exploit systems through Man-in-the-Middle (MitM) and Denial-of-Service (DoS) attacks.
The first vulnerability, CVE-2025-26465 (CVSS 6.8), affects the OpenSSH Client, enabling attackers to intercept SSH connections, leading to MitM attacks, which pose risks of eavesdropping and data manipulation over SSH communications.
The second vulnerability, CVE-2025-26466 (CVSS 5.9), affects both the OpenSSH Client and Server, allowing attackers to launch a Pre-Authentication DoS Attack, overwhelming the system with excessive load, potentially causing it to slow down or become unresponsive.
The OpenSSH development team has released a patch in version 9.9p2 and strongly advises users to update immediately. Additionally, in July 2024, OpenSSH addressed CVE-2024-6409 (CVSS 7.0), which posed a Remote Code Execution (RCE) risk on OpenSSH servers running RHEL 9. This differs from CVE-2024-6387 (RegreSSHion), which was a more severe attack.
To mitigate the risks associated with SSH-based attacks, system administrators are urged to apply the latest security patches as soon as possible.
Source https://securityaffairs.com/174384/security/openssh-vulnerabilities-mitm-dos.html
