CVE-2025-14821
Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows
Published:
4/7/2026
Last updated:
4/28/2026
Reserved:
12/17/2025
A flaw was found in libssh. On Windows, the library automatically loads configuration files from the C:\etc directory, a location that unprivileged local users can create and modify. Because those files are trusted by default, a local attacker who controls them can mount man-in-the-middle attacks, downgrade the security of SSH (Secure Shell) connections, and manipulate trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications.
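The check a Windows administrator would run against the directory described above, with an optional hardening step, as an added example that is not code from the advisory, Red Hat or the libssh project. It assumes the trusted path is exactly C:\etc, that the well-known groups listed in $LowPrivPrincipals are what counts as "unprivileged", and that the -Harden switch is run from an elevated prompt. Restricting the directory's ACL is a mitigation only; the fix is an updated libssh.

```powershell
# Added example (not from the advisory, Red Hat or the libssh project):
# audit, and optionally harden, the C:\etc directory that libssh reads its
# configuration from on Windows, so an unprivileged local user cannot plant
# an ssh_config or known_hosts file there.
#
# Assumptions: the trusted path is exactly C:\etc (from the advisory);
# "unprivileged" means the groups in $LowPrivPrincipals; -Harden runs elevated.

param(
    [string]$Path = 'C:\etc',
    [switch]$Harden
)

$LowPrivPrincipals = @(
    'Everyone',
    'NT AUTHORITY\Authenticated Users',
    'BUILTIN\Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that let a principal add, replace or delete entries inside a directory.
$WriteMask = [System.Security.AccessControl.FileSystemRights]'CreateFiles, CreateDirectories, Delete, DeleteSubdirectoriesAndFiles'

function Get-LowPrivWriteGrants {
    param(
        [string]$Target,
        [System.Security.AccessControl.FileSystemRights]$Mask
    )
    $acl = Get-Acl -LiteralPath $Target
    # Allow ACEs held by a low-privilege group that overlap the write mask.
    # Casting to [int] keeps generic-right ACEs (negative values) comparable.
    $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $LowPrivPrincipals -contains $_.IdentityReference.Value -and
        (([int]$_.FileSystemRights -band [int]$Mask) -ne 0)
    }
}

$driveRoot = [System.IO.Path]::GetPathRoot($Path)   # e.g. C:\

if (-not (Test-Path -LiteralPath $Path)) {
    Write-Host "$Path does not exist yet."
    # The default ACL on the system drive root lets Authenticated Users create
    # folders, which is all an attacker needs to bring C:\etc into existence.
    $grants = Get-LowPrivWriteGrants -Target $driveRoot -Mask ([System.Security.AccessControl.FileSystemRights]::CreateDirectories)
    if ($grants) {
        Write-Warning "Unprivileged principals may create $Path under $driveRoot :"
        $grants | Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
    }
}
else {
    # An existing directory owned by a non-admin account is a red flag in itself:
    # the owner can always rewrite the DACL, so an ACL fix alone would not hold.
    $owner = (Get-Acl -LiteralPath $Path).Owner
    Write-Host "$Path exists; owner: $owner"
    $grants = Get-LowPrivWriteGrants -Target $Path -Mask $WriteMask
    if ($grants) {
        Write-Warning "Unprivileged principals can write into $Path :"
        $grants | Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
    }
    # Whatever is already there is evidence: record each file with its owner.
    Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Select-Object FullName, LastWriteTime,
            @{ Name = 'Owner'; Expression = { (Get-Acl -LiteralPath $_.FullName).Owner } } |
        Format-Table -AutoSize
}

if ($Harden) {
    if (-not (Test-Path -LiteralPath $Path)) {
        New-Item -ItemType Directory -Path $Path | Out-Null
    }
    $acl = Get-Acl -LiteralPath $Path
    # Take ownership for Administrators, break inheritance from the drive root
    # and discard the inherited entries, then grant explicit rights only.
    $acl.SetOwner([System.Security.Principal.NTAccount]'BUILTIN\Administrators')
    $acl.SetAccessRuleProtection($true, $false)
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $prop    = [System.Security.AccessControl.PropagationFlags]::None
    foreach ($p in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
        $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule($p, 'FullControl', $inherit, $prop, 'Allow')))
    }
    # Ordinary users still need to read whatever an administrator places here.
    $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule('BUILTIN\Users', 'ReadAndExecute', $inherit, $prop, 'Allow')))
    Set-Acl -LiteralPath $Path -AclObject $acl
    Write-Host "Applied admin-only write ACL to $Path"
}
```

Run it without switches first and review the output: a directory that already exists and is owned by a non-administrator, or files under it owned by one, should be treated as an incident and removed or preserved for forensics before -Harden is applied, because the new ACL does not change the owner of existing child files.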
CNA assigner:
redhat (53f830b8-0a3f-465b-8143-3b8a9948e749)
Requested by:
n/a
Opam packages affected (1)
libssh
Products affected (14)
| Product | Vendor | Version |
| --- | --- | --- |
| Red Hat Enterprise Linux 9 | Red Hat | n/a |
| Red Hat Enterprise Linux 10 | Red Hat | openssl-1.0.2 |
| Red Hat Enterprise Linux 10 | Red Hat | n/a |
| Red Hat Enterprise Linux 8 | Red Hat | n/a |
| Red Hat Enterprise Linux 8 | Red Hat | openssl-1.0.2c |
| Red Hat Enterprise Linux 9 | Red Hat | openssl-1.0.2d |
| Red Hat Enterprise Linux 6 | Red Hat | n/a |
| Red Hat Enterprise Linux 6 | Red Hat | openssl-1.0.2a |
| Red Hat Enterprise Linux 7 | Red Hat | openssl-1.0.2b |
| Red Hat Enterprise Linux 7 | Red Hat | n/a |
| Red Hat Hardened Images | Red Hat | openssl-1.1.0c |
| Red Hat Hardened Images | Red Hat | n/a |
| Red Hat OpenShift Container Platform 4 | Red Hat | openssl-1.0.2e |
| Red Hat OpenShift Container Platform 4 | Red Hat | n/a |
Credits (1)
-
Red Hat would like to thank Martin Grubhofer for reporting this issue.