Putty
Monthly
Assertion failure in ECDSA signature verification within PuTTY 0.71 through 0.83 allows a network-positioned attacker to crash the PuTTY client, producing a denial-of-service condition. The vulnerability (CWE-617: Reachable Assertion) carries a CVSS 3.7 Low score with no confidentiality or integrity impact - availability impact is limited to the client process itself. No public exploit code exists and no active exploitation has been identified; SSVC rates exploitation as none and the EPSS score of 0.04% (12th percentile) confirms minimal current exploitation probability.
PuTTY's trust sigil mechanism - the application icon displayed to distinguish legitimate remote TELNET output from locally-injected spoofed content - fails to reset trust state between proxy authentication and the start of the main TELNET session in versions 0.77 through 0.83. Under CWE-451 (UI Misrepresentation of Critical Information), an attacker positioned to control or influence a TELNET proxy could present deceptive terminal content to the user bearing the trusted indicator, achieving low-integrity impact by misleading the user about the source or authenticity of displayed data. No public exploit exists, EPSS is 0.03% (9th percentile), CISA SSVC rates exploitation as none, and the overall CVSS score is 3.1 (Low), reflecting high attack complexity and narrow real-world applicability.
Double free in PuTTY's RSA key exchange implementation affects versions 0.72 through 0.83, creating a memory corruption condition that can crash the client when connecting to a server that negotiates RSA KEX. The CVSS vector (AV:N/AC:H/PR:N/UI:N/A:L) reflects a network-reachable but high-complexity trigger with only limited availability impact, consistent with a difficult-to-reproduce crash rather than reliable code execution. No active exploitation is confirmed per CISA KEV, SSVC reports exploitation status as none, and EPSS sits at 0.04% (12th percentile), indicating low real-world exploitation pressure at time of analysis.
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.2%.
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 28.6%.
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
Assertion failure in ECDSA signature verification within PuTTY 0.71 through 0.83 allows a network-positioned attacker to crash the PuTTY client, producing a denial-of-service condition. The vulnerability (CWE-617: Reachable Assertion) carries a CVSS 3.7 Low score with no confidentiality or integrity impact - availability impact is limited to the client process itself. No public exploit code exists and no active exploitation has been identified; SSVC rates exploitation as none and the EPSS score of 0.04% (12th percentile) confirms minimal current exploitation probability.
PuTTY's trust sigil mechanism - the application icon displayed to distinguish legitimate remote TELNET output from locally-injected spoofed content - fails to reset trust state between proxy authentication and the start of the main TELNET session in versions 0.77 through 0.83. Under CWE-451 (UI Misrepresentation of Critical Information), an attacker positioned to control or influence a TELNET proxy could present deceptive terminal content to the user bearing the trusted indicator, achieving low-integrity impact by misleading the user about the source or authenticity of displayed data. No public exploit exists, EPSS is 0.03% (9th percentile), CISA SSVC rates exploitation as none, and the overall CVSS score is 3.1 (Low), reflecting high attack complexity and narrow real-world applicability.
Double free in PuTTY's RSA key exchange implementation affects versions 0.72 through 0.83, creating a memory corruption condition that can crash the client when connecting to a server that negotiates RSA KEX. The CVSS vector (AV:N/AC:H/PR:N/UI:N/A:L) reflects a network-reachable but high-complexity trigger with only limited availability impact, consistent with a difficult-to-reproduce crash rather than reliable code execution. No active exploitation is confirmed per CISA KEV, SSVC reports exploitation status as none, and EPSS sits at 0.04% (12th percentile), indicating low real-world exploitation pressure at time of analysis.
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.2%.
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 28.6%.
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.