Ssh-2.0-cisco-1.25 Vulnerability Jun 2026

Do not ignore the finding. Treat it as a signal to investigate , not as a confirmed exploit.

: A flaw in the SSHv2 public key authentication implementation could allow a remote attacker to bypass user authentication by using a crafted private key. This requires the attacker to know a valid username and the corresponding public key. SSH Denial of Service (CVE-2020-3200)

This is a classic vulnerability found in Cisco IOS versions that shipped with SSH-2.0-Cisco-1.25 . A crafted SSHv2 packet could cause the device to reload. The attack required only a single TCP connection and did not need authentication. An unauthenticated, remote attacker could crash a core router or switch, causing a network-wide outage. ssh-2.0-cisco-1.25 vulnerability

Older Cisco SSH implementations, including those that may return the 1.25 identifier, have been subject to other notable security advisories: What is Cisco-1.25 in ssh logging.

This banner is frequently associated with a vulnerability where the SSH server does not properly validate the state during the handshake process. Do not ignore the finding

A flaw in the SSH server code allows an authenticated remote attacker to cause a device reload. This occurs due to an internal state machine error that can be triggered by specific traffic patterns, leading to a DoS condition .

Security tools often alert on this banner because it helps attackers perform fingerprinting This requires the attacker to know a valid

. By advertising the exact version of the SSH server, the device tells a potential attacker exactly which bugs might be exploitable on that specific system.

If you’re doing or red teaming :

If the output returns SSH-2.0-Cisco-1.25 , the device is broadcasting the targeted string. Step-by-Step Mitigation Guide

: The device is configured to use the more secure SSH version 2 protocol.