Ssh-2.0-cisco-1.25 Vulnerability Patched Jun 2026

ssh -v -oKexAlgorithms=+diffie-hellman-group1-sha1 user@target

Internal flaws inside the Cisco-1.25 software state machine expose core enterprise routing switches to memory corruption and unexpected crashes. ssh-2.0-cisco-1.25 vulnerability

: This is the internal version of the Cisco SSH software implementation. Cisco Community Why Scanners Flag This CSCwi61646 - SSH Terrapin Prefix Truncation

This is a prefix truncation attack that targets the SSH protocol's integrity. CSCwi61646 - SSH Terrapin Prefix Truncation ... - Cisco Bug The logs showed a banner string: “SSH-2

Rosa was the network engineer for a small regional hospital. One quiet Sunday she noticed unusual login attempts on a Cisco router that connected the hospital’s outpatient clinics. The logs showed a banner string: “SSH-2.0-Cisco-1.25.” She recognized the banner from a vendor advisory she’d skimmed weeks earlier but had never fully investigated.

While "security by obscurity" isn't a primary defense, you can prevent casual scanning from identifying your exact version. On some platforms, you can customize or suppress parts of the SSH banner via the banner command, though the protocol-level version string (Cisco-1.25) is often hard-coded into the stack. Summary Table Vulnerability Mitigation Security Downgrade Disable ChaCha20-Poly1305 and CBC ciphers. RCE (CVE-2025-32433) Full System Takeover Immediate software update/patching. Weak KEX/Ciphers Data Decryption Update ip ssh settings to use SHA-2 and CTR.

: A Man-in-the-Middle (MitM) attacker can downgrade the connection's security by deleting specific protocol messages during the handshake without the client or server noticing. Cisco Bug ID : CSCwi61646 . 2. Unauthenticated Remote Code Execution (CVE-2025-32433)