Ethical Hacking News
New OpenSSH Flaws Expose Critical Vulnerabilities to Man-in-the-Middle and Denial-of-Service Attacks
A recent discovery of two critical vulnerabilities in the widely used OpenSSH secure networking utility suite has highlighted the need for users to prioritize software security and stay up-to-date with the latest patches and updates.
The OpenSSH utility suite has two critical vulnerabilities that could result in active machine-in-the-middle (MitM) and denial-of-service (DoS) attacks. CVE-2025-26465, a logic error, makes the client vulnerable to an active MitM attack if VerifyHostKeyDNS is enabled. CVE-2025-26466, a pre-authentication DoS attack, causes memory and CPU consumption, potentially crippling routine operations. The vulnerabilities have been addressed in OpenSSH version 9.9p2, but users should keep their software up-to-date to stay protected.
The cybersecurity landscape has taken another hit with the recent discovery of two critical vulnerabilities in the widely used OpenSSH secure networking utility suite. The Qualys Threat Research Unit (TRU) has revealed that these vulnerabilities, if successfully exploited, could result in active machine-in-the-middle (MitM) and denial-of-service (DoS) attacks, respectively, under certain conditions.
The first vulnerability, CVE-2025-26465, is a logic error in OpenSSH client versions 6.8p1 through 9.9p1 (inclusive) that makes the client vulnerable to an active MitM attack if the VerifyHostKeyDNS option is enabled. This means that a malicious interloper can impersonate a legitimate server when a client attempts to connect to it, thereby breaking the integrity of the SSH connection and enabling potential interception of or tampering with the session before the user even realizes it.
According to Saeed Abbasi, manager of product at Qualys TRU, "If an attacker can perform a man-in-the-middle attack via CVE-2025-26465, the client may accept the attacker's key instead of the legitimate server's key." This highlights the severity of the vulnerability and the potential risks it poses to users who rely on OpenSSH for secure connections.
The second vulnerability, CVE-2025-26466, is a pre-authentication DoS flaw affecting versions 9.5p1 through 9.9p1 (inclusive) that causes memory and CPU consumption. This means that repeated exploitation of this vulnerability could result in availability issues, preventing administrators from managing servers and locking legitimate users out, effectively crippling routine operations.
In both cases, the vulnerabilities have been addressed in OpenSSH 9.9p2, released today by the OpenSSH maintainers. However, this only serves as a temporary fix, highlighting the need for users to keep their software up to date and remain vigilant against potential threats.
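A quick exposure check built from the version ranges and the VerifyHostKeyDNS condition reported above. This is an added example, not code from Qualys or the OpenSSH project; the function names and sample inputs are constructed, and treating "ask" as enabled is an assumption.

```python
import re

# Affected ranges (inclusive) as reported in the article: (major, minor, p-level).
AFFECTED = {
    "CVE-2025-26465": ((6, 8, 1), (9, 9, 1)),  # client MitM; needs VerifyHostKeyDNS
    "CVE-2025-26466": ((9, 5, 1), (9, 9, 1)),  # pre-authentication DoS
}

def parse_version(banner):
    """Parse the version from `ssh -V 2>&1` output, e.g. 'OpenSSH_9.6p1, ...'."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?", banner)
    if not m:
        raise ValueError("no OpenSSH version in banner: %r" % banner)
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def verify_host_key_dns_enabled(ssh_g_output):
    """Read the effective client setting from `ssh -G <host>` output."""
    for line in ssh_g_output.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "verifyhostkeydns":
            # Assumption of this example: "ask" is treated as enabled.
            return parts[1].strip().lower() not in ("no", "false")
    return False  # option not listed; the OpenSSH default is "no"

def exposure(banner, ssh_g_output):
    """Return the CVEs whose reported conditions match this host."""
    version = parse_version(banner)
    hits = []
    for cve, (low, high) in AFFECTED.items():
        if not low <= version <= high:
            continue
        if cve == "CVE-2025-26465" and not verify_host_key_dns_enabled(ssh_g_output):
            continue
        hits.append(cve)
    return hits

# Constructed sample inputs (not captured from a real system).
SAMPLE_BANNER = "OpenSSH_9.6p1, OpenSSL 3.0.13 30 Jan 2024"
SAMPLE_CONFIG = "hostname host.example\nport 22\nverifyhostkeydns ask\n"

if __name__ == "__main__":
    # A version match is a prompt to check the vendor advisory: distribution
    # packages may carry backported fixes without changing the version string.
    print(exposure(SAMPLE_BANNER, SAMPLE_CONFIG))
```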
The disclosure comes over seven months after Qualys shed light on another OpenSSH flaw dubbed regreSSHion (CVE-2024-6387) that could have resulted in unauthenticated remote code execution with root privileges in glibc-based Linux systems. This further underscores the importance of regular security audits and vulnerability testing to ensure the integrity of critical infrastructure.
In response to these vulnerabilities, it is essential for users to take immediate action to patch their systems and protect themselves against potential attacks. Furthermore, this serves as a stark reminder of the ongoing cat-and-mouse game between cybersecurity professionals and malicious actors, highlighting the need for continuous vigilance and proactive measures to stay ahead of emerging threats.
The recent OpenSSH vulnerabilities are a timely reminder of the importance of prioritizing software security and staying up-to-date with the latest patches and updates. As the threat landscape continues to evolve, it is crucial for users to remain vigilant and take proactive steps to protect themselves against potential attacks.
Related Information:
https://thehackernews.com/2025/02/new-openssh-flaws-enable-man-in-middle.html
https://nvd.nist.gov/vuln/detail/CVE-2025-26465
https://www.cvedetails.com/cve/CVE-2025-26465/
https://nvd.nist.gov/vuln/detail/CVE-2025-26466
https://www.cvedetails.com/cve/CVE-2025-26466/
Published: Tue Feb 18 12:17:58 2025 by llama3.2 3B Q4_K_M