Critical OpenSSH Vulnerability Allows Root Access (CVE-2026-35414)

Severity: High (Score: 72.0)

Sources: Cisecurity, www.securityweek.com, nvd.nist.gov, Ccb.Belgium.Be, Csa.Sg

Summary

A high severity vulnerability (CVE-2026-35414) in OpenSSH has been identified, allowing attackers to bypass authentication and gain root access to affected servers. This flaw affects all OpenSSH versions prior to 10.3 and has been present for over 15 years. Exploitation requires a valid certificate from a trusted Certificate Authority, and successful attacks may not leave traces in logs, complicating detection efforts. Organizations are urged to update to version 10.3 or later immediately to mitigate risks.

The vulnerability was publicly disclosed on April 2, 2026, with proof of concept released on April 29, 2026. No active exploitation has been reported yet, but the potential for significant damage exists. Security experts recommend enhancing monitoring and detection capabilities to identify any suspicious activities related to this vulnerability.

Key Points

  • CVE-2026-35414 allows root access via OpenSSH versions before 10.3.
  • Exploitation may go undetected due to lack of log traces.
  • Immediate patching to version 10.3 or later is critical for affected systems.

Key Entities

  • Data Breach (attack_type)
  • Belgium (country)
  • CVE-2026-35414 (cve)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-287 - Improper Authentication (cwe)
  • T1021 - Remote Services (mitre_attack)
  • T1059 - Command and Scripting Interpreter (mitre_attack)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • T1190 - Exploit Public-Facing Application (mitre_attack)
  • OpenSSH (platform)
  • OpenSSH Root Access Vulnerability (vulnerability)