CVE-2025-22869
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2025-22869 is a newly identified denial-of-service (DoS) vulnerability that affects SSH servers implementing file transfer protocols. The issue arises when clients deliberately slow down or fail to complete the key exchange during the file transfer process. As a result, pending content is read into server memory, consuming significant resources and causing a DoS condition. Servers that do not properly manage memory allocation during file transfers are particularly susceptible to this attack. To mitigate the risk, administrators are advised to apply patches and update their SSH servers as soon as possible. Additionally, implementing rate limiting and access control policies can help prevent excessive resource consumption from potential attackers.
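The failure described above is unbounded buffering while a key exchange stays unfinished. The following is an added example, not code from this page or from any SSH implementation, showing one way to bound it: cap the bytes held while the exchange is pending and enforce a deadline on the exchange. The names `kexGate`, `maxPendingBytes` and `kexTimeout` and their values are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Hypothetical limits for this example; tune them to the workload.
const (
	maxPendingBytes = 64 * 1024
	kexTimeout      = 30 * time.Second
)
var (
	ErrPendingFull = errors.New("pending data limit reached during key exchange")
	ErrKexTimeout  = errors.New("key exchange exceeded deadline")
)
// kexGate holds outbound data that must wait for a key exchange to finish.
type kexGate struct {
	kexStart time.Time // zero when no key exchange is in progress
	pending  [][]byte
	size     int
}

func (g *kexGate) BeginKex(now time.Time) { g.kexStart = now }
// Queue buffers p while a key exchange is pending. On error the caller
// should close the connection instead of continuing to buffer.
func (g *kexGate) Queue(p []byte, now time.Time) error {
	switch {
	case g.kexStart.IsZero():
		return nil // no key exchange pending: caller sends p directly
	case now.Sub(g.kexStart) > kexTimeout:
		return ErrKexTimeout
	case g.size+len(p) > maxPendingBytes:
		return ErrPendingFull
	}
	g.pending = append(g.pending, append([]byte(nil), p...))
	g.size += len(p)
	return nil
}
// FinishKex returns the buffered data for sending and resets the gate.
func (g *kexGate) FinishKex() [][]byte {
	out := g.pending
	g.pending, g.size, g.kexStart = nil, 0, time.Time{}
	return out
}
func main() {
	g := &kexGate{}
	g.BeginKex(time.Now())
	fmt.Println(g.Queue(make([]byte, maxPendingBytes+1), time.Now()))
}
```

Either error is also a useful signal to log per source address, since repeated hits from one peer indicate a client that is stalling the exchange.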