Cyber Resilience

CVE-2025-5449

Medium

Published: 25 July 2025

Modified: 08 January 2026
KEV Added: not listed
Patch:
CVSS Score (v3.1): 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0052 (67.2nd percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-5449 is a medium-severity Integer Overflow or Wraparound (CWE-190) vulnerability in libssh. Its CVSS base score is 6.5 (Medium).

Exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 32.8% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.
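The length-check mistake described above, reduced to a constructed illustration of why a 32-bit length check must be written so that the arithmetic cannot wrap. This is an added example, not libssh's code: `naive_len_ok`, `safe_len_ok`, `decode_packet`, `demo_decode`, `HDR_LEN` and `MAX_PAYLOAD` are hypothetical names, the packet bytes are constructed, and the 32-bit behaviour is modelled with explicit `uint32_t` arithmetic so it reproduces on a 64-bit host.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical packet layout: a 4-byte big-endian length prefix followed by
 * the payload. The names and limits here are assumptions for illustration. */
#define HDR_LEN     4u
#define MAX_PAYLOAD (256u * 1024u)   /* sane upper bound for one SFTP-style message */

/* Naive check: adds the header size to the declared length before comparing.
 * In 32-bit arithmetic, declared_len + HDR_LEN wraps to a small number when
 * declared_len is close to UINT32_MAX, so a huge length passes the check and
 * reaches the allocator. Returns 1 if the packet is accepted. */
int naive_len_ok(uint32_t declared_len, uint32_t avail)
{
    uint32_t needed = declared_len + HDR_LEN;  /* wraps for declared_len > UINT32_MAX - 4 */
    return needed <= avail;
}

/* Hardened check: the comparison is rearranged so nothing can overflow
 * (subtract from the known-good side instead of adding to the untrusted side),
 * and an explicit ceiling rejects absurd sizes before any allocation. */
int safe_len_ok(uint32_t declared_len, uint32_t avail)
{
    if (avail < HDR_LEN) return 0;              /* not even a full header */
    if (declared_len > MAX_PAYLOAD) return 0;   /* policy cap, independent of avail */
    return declared_len <= avail - HDR_LEN;     /* no overflow possible here */
}

static uint32_t read_u32_be(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Decode the length prefix and apply one of the two checks. Returns the
 * accepted payload length, or -1 if the packet is rejected. A real decoder
 * would allocate `len` bytes next; on a 32-bit host that allocation fails or
 * wraps, and an unchecked NULL from the allocator is what crashes the process. */
long long decode_packet(const unsigned char *buf, uint32_t buf_len, int hardened)
{
    if (buf_len < HDR_LEN) return -1;
    uint32_t len = read_u32_be(buf);
    int ok = hardened ? safe_len_ok(len, buf_len) : naive_len_ok(len, buf_len);
    return ok ? (long long)len : -1;
}

/* Constructed packet: declared length 0xFFFFFFFE with only two payload bytes. */
long long demo_decode(int hardened)
{
    static const unsigned char pkt[] = { 0xFF, 0xFF, 0xFF, 0xFE, 'a', 'b' };
    return decode_packet(pkt, (uint32_t)sizeof pkt, hardened);
}

int main(void)
{
    printf("naive check accepts length: %lld\n", demo_decode(0));   /* 4294967294 */
    printf("hardened check result:      %lld\n", demo_decode(1));   /* -1 */
    return 0;
}
```

The same pattern applies to any length-prefixed protocol parser: compare against `avail - header` rather than `len + header`, and bound the declared length by a protocol maximum before it ever reaches `malloc`.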

CWE(s)

CWE-190: Integer Overflow or Wraparound

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The integer overflow in libssh's SFTP server packet length validation allows authenticated remote attackers to crash the server process on 32-bit systems via a failed memory allocation, which maps to Application or System Exploitation as the means of endpoint denial of service.

Affected Assets

Vendor: libssh
Product: libssh
Versions: 0.11.0, 0.11.1

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References