CVE-2025-14821: Uncontrolled Search Path Element in Red Hat Red Hat Enterprise Linux 10
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an insecure default configuration on Windows systems where the library automatically loads configuration files from the C:\etc directory, which can be created and modified by unprivileged local users.
AI Analysis
Technical Summary
This vulnerability arises from libssh's insecure default behavior on Windows systems, where it automatically loads configuration files from the C:\etc directory. Because this directory can be created and modified by unprivileged local users, attackers can exploit this to conduct local man-in-the-middle attacks, downgrade SSH connections, and alter trusted host information. The issue impacts Red Hat Enterprise Linux 10 environments using libssh in this configuration. The CVSS 3.1 score is 7.8, indicating high severity with local attack vector, low attack complexity, and requiring low privileges without user interaction. The vendor advisory does not currently specify a remediation or patch status.
Potential Impact
The vulnerability allows local attackers to compromise SSH communications by intercepting or manipulating connections and trusted host data, potentially leading to unauthorized access or disruption of SSH services. The impact affects confidentiality, integrity, and availability of SSH sessions on affected systems configured with the vulnerable libssh library on Windows platforms. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2025-14821 for current remediation guidance. Until an official fix is available, consider restricting local user permissions to prevent unauthorized modification of the C:\etc directory or altering libssh configuration to avoid loading from insecure paths. Monitor Red Hat communications for updates on patches or official mitigations.
CVE-2025-14821: Uncontrolled Search Path Element in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an insecure default configuration on Windows systems where the library automatically loads configuration files from the C:\etc directory, which can be created and modified by unprivileged local users.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability arises from libssh's insecure default behavior on Windows systems, where it automatically loads configuration files from the C:\etc directory. Because this directory can be created and modified by unprivileged local users, attackers can exploit this to conduct local man-in-the-middle attacks, downgrade SSH connections, and alter trusted host information. The issue impacts Red Hat Enterprise Linux 10 environments using libssh in this configuration. The CVSS 3.1 score is 7.8, indicating high severity with local attack vector, low attack complexity, and requiring low privileges without user interaction. The vendor advisory does not currently specify a remediation or patch status.
Potential Impact
The vulnerability allows local attackers to compromise SSH communications by intercepting or manipulating connections and trusted host data, potentially leading to unauthorized access or disruption of SSH services. The impact affects confidentiality, integrity, and availability of SSH sessions on affected systems configured with the vulnerable libssh library on Windows platforms. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2025-14821 for current remediation guidance. Until an official fix is available, consider restricting local user permissions to prevent unauthorized modification of the C:\etc directory or altering libssh configuration to avoid loading from insecure paths. Monitor Red Hat communications for updates on patches or official mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2025-12-17T11:45:32.329Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2025-14821","vendor":"Red Hat"}]
Threat ID: 69d534e5aaed68159a357db8
Added to database: 4/7/2026, 4:46:29 PM
Last enriched: 4/7/2026, 5:01:27 PM
Last updated: 4/8/2026, 12:41:59 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.