Ssh-2.0-cisco-1.25 Vulnerability

Update your Cisco IOS/NX-OS to the latest version. You can check your status on the Cisco Bug Search Tool using your specific device model.

The SSH-2.0-Cisco-1.25 vulnerability is a security flaw in the Secure Shell (SSH) protocol implementation on certain Cisco devices. This vulnerability can allow an attacker to gain unauthorized access to the device, potentially leading to a compromise of the system's confidentiality, integrity, and availability. ssh-2.0-cisco-1.25 vulnerability

October 26, 2023 Target Service: SSH-2.0-Cisco-1.25 Severity: High to Critical (Context Dependent) Update your Cisco IOS/NX-OS to the latest version

Robust network-level filtering is essential. Administrators should implement strict ACLs on all network infrastructure devices to restrict SSH access exclusively to dedicated management subnets, jump hosts, and bastion servers. It is crucial to verify that the ACL implementation supports filtering for the specific features in use. A recent vulnerability (CVE-2025-20159) demonstrated that some ACL implementations were bypassed for SSH and other management features, so validation is key. This vulnerability can allow an attacker to gain

In early 2025, a critical vulnerability was identified in certain Cisco products where the SSH server was built using the .

: Confirms that the device supports the cryptographically secure SSHv2 standard rather than the insecure, obsolete SSHv1.