#VU107332 Protection mechanism failure in OpenSSH - CVE-2025-32728

 


Published: April 10, 2025 / Updated: April 24, 2025


Vulnerability identifier: #VU107332
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-32728
CWE-ID: CWE-693
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenSSH
Software vendor: OpenSSH

Description

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists because the software does not properly handle the DisableForwarding directive: the directive does not disable X11 forwarding and agent forwarding as documented. A remote user can bypass the application's expected behavior and the implemented security restrictions.


Remediation

Install updates from the vendor's website.
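
Until the update is installed, a server that relies on DisableForwarding alone to block X11 and agent forwarding can be spotted from its effective configuration. The script below is an added example, not part of this advisory or of OpenSSH; it assumes input in the `keyword value` form printed by `sshd -T`, and the function name `check_forwarding` and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag an sshd configuration that depends on DisableForwarding
# alone. Input is "keyword value" lines as printed by `sshd -T`.
# check_forwarding is a hypothetical helper name.

check_forwarding() {
    # Reads the configuration on stdin, prints findings,
    # returns 0 when nothing is flagged and 1 otherwise.
    awk '
        { key = tolower($1); val = tolower($2) }
        # sshd uses the first value obtained for a keyword, so keep the first.
        key == "disableforwarding"    && df == ""    { df = val }
        key == "x11forwarding"        && x11 == ""   { x11 = val }
        key == "allowagentforwarding" && agent == "" { agent = val }
        END {
            if (df != "yes") {
                print "INFO: DisableForwarding is not enabled; nothing relies on it"
                exit 0
            }
            bad = 0
            # X11Forwarding defaults to "no" when it is not set.
            if (x11 == "yes") {
                print "FINDING: DisableForwarding yes, but X11Forwarding is yes"
                bad = 1
            }
            # AllowAgentForwarding defaults to "yes" when it is not set.
            if (agent != "no") {
                print "FINDING: DisableForwarding yes, but AllowAgentForwarding is not no"
                bad = 1
            }
            if (!bad) print "OK: X11 and agent forwarding are explicitly disabled"
            exit bad
        }'
}

# Constructed sample input (not taken from a real host).
SAMPLE='disableforwarding yes
x11forwarding yes
allowagentforwarding yes'

printf '%s\n' "$SAMPLE" | check_forwarding || true
# On a live host (needs root): sshd -T | check_forwarding
```

A finding means the explicit `X11Forwarding no` and `AllowAgentForwarding no` directives are not both in effect, so the restriction depends entirely on the directive this advisory describes as failing.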
