Two newly discovered vulnerabilities in OpenSSH, the widely used secure remote connection protocol, necessitate immediate attention and patching. The vulnerabilities allow attackers to execute man-in-the-middle (MitM) and denial-of-service (DoS) attacks. OpenSSH recommends updating to version 9.9p2 to mitigate these risks.
Researchers have revealed two newly discovered vulnerabilities in OpenSSH, now that patches have been released. Qualys identified the bugs in January, according to its disclosure timeline. These vulnerabilities enable attackers to execute man-in-the-middle (MitM) attacks on the OpenSSH client and pre-authentication denial-of-service (DoS) attacks. Patches for CVE-2025-26465 and CVE-2025-26466 were issued earlier today. While their respective severity scores (6.8 and 5.
9) might not immediately necessitate a 'patch me now' response, they certainly warrant prompt attention. OpenSSH is the open-source implementation of the SSH protocol, which underpins numerous encrypted remote connections across Windows, Linux, and macOS, as well as secure file transfers. Prominent organizations leveraging the client include Facebook, Morgan Stanley, NetApp, Netflix, and Uber. The MitM vulnerability (CVE-2025-26465) can only be exploited when the VerifyHostKeyDNS option is set to 'yes' or 'ask.' While the default setting currently is 'no,' between September 2013 and March 2023, it was enabled by default. If an attacker exploits this vulnerability, they could intercept or manipulate data transmitted over what users perceive to be a secure, encrypted channel. This vulnerability allows an attacker to impersonate the server to which a vulnerable OpenSSH client typically connects, bypassing server identity checks, ultimately leading to a MitM attack.SSH sessions are prime targets for attackers seeking to intercept credentials or hijack sessions. If compromised, hackers could view or manipulate sensitive data, laterally move across multiple critical servers, and exfiltrate valuable information, such as database credentials. The DoS vulnerability (CVE-2025-26466) affects both the OpenSSH client and server, potentially resulting in prolonged outages that prevent administrators from performing maintenance on essential servers. It is caused by asymmetric resource consumption of both memory and CPU. It's worth noting that the MitM bug was introduced to OpenSSH over a decade ago in December 2014, shortly before version 6.8p1 was released. The DoS bug emerged in August 2023, not long before version 9.5p1. OpenSSH has now released version 9.9p2, which addresses both vulnerabilities. They expressed gratitude to Qualys for the report and acknowledged the continued support of the OpenSSH community. Qualys's technical advisory also includes a proof-of-concept (PoC) exploit for both vulnerabilities. The simultaneous release of the PoC exploit and the patch suggests that administrators should prioritize updating their systems as soon as possible.
Openssh Vulnerabilities Mitm Dos Patching Cybersecurity Remote Connections
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Oracle Patches Critical Vulnerabilities in Multiple ProductsOracle has released a comprehensive set of security patches addressing critical vulnerabilities in its wide range of products, including Agile PLM Framework, Oracle Communications, Oracle Analytics, Oracle Hospitality Applications, JD Edwards, MySQL, and PeopleSoft.
Read more »
Netgear Patches Critical Router Vulnerabilities Amidst Global Edge Device Security ConcernsNetgear urges customers to update their router firmware following the discovery and patching of two critical vulnerabilities. The vulnerabilities, affecting multiple router models, highlight the growing importance of securing edge devices, which are increasingly targeted by attackers. Simultaneously, national cybersecurity agencies issue a joint advisory emphasizing the need for robust security measures on edge devices such as routers, WAPs, and smart home cameras.
Read more »
Cisco Patches Critical Vulnerabilities in Identity Services Engine Allowing Full Device TakeoverTwo critical vulnerabilities have been patched in Cisco's Identity Services Engine (ISE) that could allow an authenticated remote attacker to execute arbitrary commands as root, access sensitive information, modify configurations, and reload affected devices. Exploiting these vulnerabilities requires valid read-only administrative credentials but highlights the risk of compromised credentials in ransomware attacks and insider threats. Both bugs affect Cisco ISE and Cisco ISE Passive Identity Connector (ISE-PIC) versions 3.0 to 3.3, and patches are available.
Read more »
Netgear Router Users Urged to Update After Critical Vulnerabilities FoundNetgear has released firmware updates to patch two critical remote code execution vulnerabilities affecting multiple WiFi router models. Users are advised to immediately check for and install the latest firmware to secure their devices.
Read more »
Microsoft's February Patch Tuesday: Smaller But Still Significant IssuesMicrosoft's February patch release is smaller than January's, but it still includes several critical vulnerabilities that require attention. The most severe flaws involve elevation of privilege in Windows Ancillary Function Driver for Winsock and Windows Storage, as well as a wormable remote-code execution vulnerability in Windows LDAP. Microsoft also addressed vulnerabilities in Excel, DHCP Client Service, and Certificate-based authentication on domain controllers. Several patches are also available for Windows Telephony and Office applications.
Read more »
US Authorities Call Buffer Overflow Vulnerabilities 'Unforgivable' and Urge Secure Coding PracticesThe US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly issued a security alert categorizing buffer overflow vulnerabilities as 'unforgivable defects' and urging software developers to prioritize secure coding practices to mitigate these risks. The agencies emphasize that these vulnerabilities, which allow attackers to exploit software flaws and gain unauthorized access to systems, are preventable if developers adopt modern and secure coding techniques.
Read more »