CVE-2025-26465
MEDIUMCVSS v3
6.8
MEDIUM
EPSS Score
61.6%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Technical Details
- Published
- 2/18/2025
Frequently Asked Questions
What is CVE-2025-26465?
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Is CVE-2025-26465 actively exploited?
Active exploitation of CVE-2025-26465 has not been confirmed. The EPSS score is 61.6%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2025-26465?
CVE-2025-26465 has a CVSS v3 base score of 6.8 (MEDIUM severity).
Is CVE-2025-26465 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.