CVE 9.4 CRITICAL

Host verification bypass and credential leak_CVE-2025-11625

October 21, 2025 invoker category_cve

9.4 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/U:Red

Description

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.

AI Analysis

Improper host authentication vulnerability allowing authentication bypass and credential leak

Basic Information

ID CVE-2025-11625

Source wolfSSL

Published Oct 21, 2025 at 13:25

Modified Oct 21, 2025 at 14:04

Affected Product

Vendor wolfSSL

Product wolfSSH

Version 1.4.20;0

Affected Versions wolfSSH wolfSSH 1.4.20;0

CWE Classification

CWE-287

AI Assessment

AI Score 9.4 / 10

AI Severity Critical

Vendor wolfSSL

Product wolfSSH

Version 1.4.20 and earlier

References

github.com /wolfSSL/wolfssh/pull/840

{
    "lastseen": "",
    "description": "Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.",
    "published": "2025-10-21T13:25:18.120Z",
    "modified": "2025-10-21T14:04:15.921Z",
    "type": "cve",
    "title": "Host verification bypass and credential leak",
    "source": "wolfSSL",
    "references": "https://github.com/wolfSSL/wolfssh/pull/840",
    "id": "CVE-2025-11625",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "wolfSSH wolfSSH 1.4.20;0",
    "sourceHref": "",
    "cvss": {
        "score": 9.4,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/U:Red",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "wolfSSH",
    "version": "1.4.20;0",
    "vendor": "wolfSSL",
    "ai_description": "Improper host authentication vulnerability allowing authentication bypass and credential leak",
    "ai_severity": "Critical",
    "ai_vendor": "wolfSSL",
    "ai_product": "wolfSSH",
    "ai_version": "1.4.20 and earlier",
    "ai_score": 9.4
}

💭 Join the Security Discussion ❌ Cancel Reply