Ssh20cisco125 Vulnerability Exclusive Patched 〈Newest • 2026〉

As of today, Cisco PSIRT has not published a CVE. However, three unrelated penetration testing firms have reported anomalous SSH memory corruption when connecting from a client advertising a malformed SSH_MSG_KEXINIT packet with a crafted cookie field. The unofficial tag “SSH20CISCO125” is being used to correlate these incident reports.

:

Improper resource management and logic errors during SSH session negotiation. ssh20cisco125 vulnerability exclusive

Standard service updates are generally unaffected, but "Engineering Special" (ES) versions 15.0 are highly vulnerable. 3. SSH Denial of Service (CVE-2026-20080) As of today, Cisco PSIRT has not published a CVE

SSHv1 does not use the vulnerable group exchange mechanism. Warning: Use only as a 24-hour stopgap. As of today

If you manage legacy Cisco networks, check your logs for these artifacts: