6.8

CVE-2025-26465

Media report

EPSS 58.35%
Published 18.02.2025 19:15:29
Last modified 26.09.2025 07:15:41
Source secalert@redhat.com
Teams watchlist Login
Open Login

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Affected products Warnungen 0 Metrics 3 CWE 1 References 26

Data is provided by the National Vulnerability Database (NVD)

Openbsd ≫ Openssh Version >= 6.9 <= 9.8

Openbsd ≫ Openssh Version6.8 Updatep1

Openbsd ≫ Openssh Version9.9 Update-

Openbsd ≫ Openssh Version9.9 Updatep1

Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere

Netapp ≫ Ontap Version9

Redhat ≫ Openshift Container Platform Version4.0

Debian ≫ Debian Linux Version11.0

Debian ≫ Debian Linux Version12.0

Redhat ≫ Enterprise Linux Version9.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	58.35%	0.981

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	1.6	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
secalert@redhat.com	6.8	1.6	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-390 Detection of Error Condition Without Action

The product detects a specific error, but takes no actions to handle the error.

https://www.heise.de/news/Dell-Secure-Connect-Gateway-Sicherheitsluecken-gefaehrden-Remote-IT-Support-10467370.html

Medienbericht

heise Security

https://www.heise.de/news/Viele-Sicherheitsluecken-in-Dell-OpenManage-Network-Integration-geschlossen-10466507.html

Medienbericht

heise Security

https://access.redhat.com/security/cve/CVE-2025-26465

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2344780

Third Party Advisory

Issue Tracking

https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466

Third Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1237040

Issue Tracking

https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig

Patch

https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html

Third Party Advisory

https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html

Third Party Advisory

https://security-tracker.debian.org/tracker/CVE-2025-26465

Third Party Advisory

https://security.netapp.com/advisory/ntap-20250228-0003/

Third Party Advisory

https://ubuntu.com/security/CVE-2025-26465

Third Party Advisory

https://www.openssh.com/releasenotes.html#9.9p2

Release Notes

https://www.openwall.com/lists/oss-security/2025/02/18/1

Third Party Advisory

Mailing List

https://www.openwall.com/lists/oss-security/2025/02/18/4

Third Party Advisory

Mailing List

https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/

Press/Media Coverage

https://seclists.org/oss-sec/2025/q1/144

Third Party Advisory

Mailing List

https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh

Third Party Advisory

https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh

Third Party Advisory

Mitigation

https://access.redhat.com/errata/RHSA-2025:3837

https://access.redhat.com/errata/RHSA-2025:6993

https://access.redhat.com/errata/RHSA-2025:8385

https://access.redhat.com/errata/RHSA-2025:16823

https://nvd.nist.gov/vuln/detail/CVE-2025-26465

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-26465

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-26465

EUVD