Remote and unauthenticated. An attacker does not need valid credentials to crash the device.
Improper resource management and logic errors during SSH session negotiation. ssh20cisco125 vulnerability exclusive
Devices running Cisco IOS 12.4-based releases. Remote and unauthenticated
There are no official workarounds that completely eliminate the risk other than upgrading the software or disabling the service. ssh20cisco125 vulnerability exclusive
While modern Cisco NX-OS and IOS XE have faced their own SSH-related vulnerabilities—such as CVE-2023-20050 and CVE-2022-20920—the era vulnerability is distinct because of its legacy nature.
Cisco has confirmed that newer IOS-XR and Meraki products are not impacted by this specific historical flaw. Critical Mitigation and Solutions
Deploy edge filters to block port 22 (SSH) traffic from untrusted sources targeting your core infrastructure.