AsyncSSH.Extension.Info.Message.Extension.Downgrade
Description
This indicates an attack attempt to exploit an Extension Downgrade Vulnerability in AsyncSSH.
The vulnerability is due to an error during a SSH handshake. An attacker can exploit this by sending crafted packets to the target client. Successful exploitation could result in the downgrade of SSH extensions.
Affected Products
AsyncSSH prior to version 2.14.1.
Impact
Privilege Escalation: Attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://asyncssh.readthedocs.io/en/latest/changes.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |