SSH-2.0-Cisco-1.25 Vulnerability Jun 2026

The vulnerability affects devices configured for RSA-based user authentication (public key).

An attacker can establish a standard SSH session and transmit a carefully crafted sequence of malformed packets. Instead of dropping the corrupted packets, the engine triggers an unexpected internal error, causing the entire device to reload or crash, leading to a network-wide Denial of Service.

3. Cryptographic Downgrade and Terrapin Attacks

3. State-Machine Denial of Service (CVE-2020-3200 / CVE-2022-20920)

A more recent vulnerability (CVSS 5.3, Medium) was found in the SSH server of Cisco Adaptive Security Appliance (ASA) Software. The flaw is a logic error that occurs when an SSH session is established. An unauthenticated, remote attacker could exhaust available SSH resources by sending crafted SSH messages. This leads to a state where all new SSH connections are denied, causing a DoS condition for remote management, and the device must be to restore SSH service.

If an immediate software upgrade is not possible due to hardware limitations, apply the following configurations on the Cisco device:

The banner SSH-2.0-Cisco-1.25 is a standard version string identifying the Secure Shell (SSH) server running on many

```
! Disable weak Diffie-Hellman groups
ip ssh dh min size 2048
! Specify secure ciphers (prefer CTR or GCM modes)
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
! Specify secure Message Authentication Codes (MACs)
ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512
```

Step 3: Obfuscate the Banner (Optional)

The SSH-2.0-Cisco-1.25 vulnerability is a serious security flaw that can allow an attacker to gain unauthorized access to Cisco devices. It is essential to take immediate action to mitigate and remediate this vulnerability to prevent potential exploitation.

The string is the standard software banner embedded within the proprietary Secure Shell (SSH) server engine of older or unpatched Cisco IOS, IOS XE, and CatOS network infrastructure appliances. When network scanners or automated malicious scripts connect to an open Port 22, this string exposes the specific operating system signature.
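To confirm that the hardening commands listed above are actually present on a device, a saved running-config can be checked offline. The script below is an added example, not code from the original page or from Cisco; the function name `audit_ssh_config`, the acceptance rules (2048-bit DH minimum, CTR/GCM ciphers, SHA-2 MACs, as stated on this page) and both sample configs are assumptions constructed for illustration.

```python
import re

MIN_DH_BITS = 2048  # from "ip ssh dh min size 2048" on this page

def audit_ssh_config(config_text):
    """Return findings for SSH settings in an IOS-style config (hypothetical helper)."""
    dh = ciphers = macs = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):  # skip blanks and IOS comment lines
            continue
        m = re.fullmatch(r"ip ssh dh min size (\d+)", line)
        if m:
            dh = int(m.group(1))
        elif line.startswith("ip ssh server algorithm encryption "):
            ciphers = line.split()[5:]
        elif line.startswith("ip ssh server algorithm mac "):
            macs = line.split()[5:]
    findings = []
    if dh is None:
        findings.append("dh: 'ip ssh dh min size' not set")
    elif dh < MIN_DH_BITS:
        findings.append(f"dh: minimum size {dh} is below {MIN_DH_BITS}")
    if ciphers is None:
        findings.append("encryption: algorithm list not set")
    else:  # page guidance: prefer CTR or GCM modes
        weak = [c for c in ciphers if not (c.endswith("-ctr") or "-gcm" in c)]
        if weak:
            findings.append("encryption: non-CTR/GCM ciphers: " + ", ".join(weak))
    if macs is None:
        findings.append("mac: algorithm list not set")
    else:  # page guidance: SHA-2 based MACs only
        weak = [m for m in macs if not m.startswith("hmac-sha2-")]
        if weak:
            findings.append("mac: non-SHA-2 MACs: " + ", ".join(weak))
    return findings

# Constructed sample configs (not taken from any real device).
WEAK = """hostname lab-rtr
ip ssh dh min size 1024
ip ssh server algorithm encryption aes128-ctr aes128-cbc 3des-cbc
ip ssh server algorithm mac hmac-sha1 hmac-sha2-256"""
HARDENED = """! hardened per the commands above
ip ssh dh min size 2048
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512"""

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_ssh_config(cfg) or "no findings")
```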