Main Vulnerability Database SB2025041009

SB2025041009 - Security restrictions bypass in OpenSSH

Published: April 10, 2025 Updated: April 24, 2025

Security Bulletin ID SB2025041009

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Protection mechanism failure (CVE-ID: CVE-2025-32728)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to software does not properly handle the DisableForwarding directive, which does not disable X11 forwarding and agent forwarding as documented. A remote user can bypass expected application's behavior and bypass implemented security restrictions.

Remediation

Install update from vendor's website.

References

https://www.openwall.com/lists/oss-security/2025/04/09/1
https://www.openssh.com/txt/release-10.0