CVE-2025-30095 Overview
CVE-2025-30095 is a critical cryptographic vulnerability affecting VyOS versions 1.3 through 1.5 and potentially any Debian-based system using Dropbear SSH in combination with live-build. The vulnerability stems from hardcoded private host keys that are identical across different installations, enabling active man-in-the-middle attacks against SSH connections when Dropbear is enabled as the SSH daemon.
Critical Impact
Attackers can conduct man-in-the-middle attacks against SSH connections, potentially intercepting, modifying, or injecting malicious commands into encrypted SSH sessions across any affected VyOS installation.
Affected Products
- VyOS 1.3 through 1.5 (fixed in 1.4.2)
- Any Debian-based system using Dropbear with live-build
- VyOS console service (default configuration)
Discovery Timeline
- 2025-03-31 - CVE CVE-2025-30095 published to NVD
- 2025-04-11 - Last updated in NVD database
Technical Details for CVE-2025-30095
Vulnerability Analysis
This vulnerability is classified under CWE-321 (Use of Hard-coded Cryptographic Key), representing a fundamental cryptographic security flaw. The issue affects network-accessible systems where the attack can be executed without authentication or user interaction. The scope is changed, meaning successful exploitation can impact resources beyond the vulnerable component, potentially compromising the confidentiality, integrity, and availability of connected systems and data traversing the SSH connection.
In VyOS, while Dropbear is not the default SSH daemon for the main system SSH service, it is the default configuration for the console service, making this a significant security concern for administrators who may be unaware of the exposure.
Root Cause
The root cause lies in the build process for Debian-based live images. When using live-build in combination with Dropbear, the private host keys generated during the image creation process are embedded directly into the release image. Unlike OpenSSH, which has safeguards against this behavior in the live-build process, Dropbear lacks equivalent protection mechanisms. This results in every installation from the same image sharing identical private SSH host keys.
Attack Vector
The attack vector is network-based, requiring the attacker to position themselves in the network path between a legitimate user and the VyOS device running Dropbear. Since all vulnerable installations share the same private host keys, an attacker with knowledge of these keys can:
- Intercept SSH connection attempts by impersonating the target VyOS device
- Decrypt SSH traffic using the known private key
- Potentially inject commands or exfiltrate sensitive data
- Forward traffic to the actual target while maintaining the man-in-the-middle position
The vulnerability requires high attack complexity as the attacker must achieve a privileged network position, but no user interaction or authentication is required for exploitation.
Detection Methods for CVE-2025-30095
Indicators of Compromise
- Unexpected SSH connection warnings or certificate/key changes on client systems
- Network traffic anomalies indicating potential man-in-the-middle positioning
- SSH host key fingerprints matching known compromised keys from default VyOS images
- Suspicious ARP traffic or DNS responses indicating network-level interception attempts
Detection Strategies
- Verify SSH host key fingerprints against known-good values established after key regeneration
- Implement SSH host key pinning on client systems connecting to VyOS devices
- Monitor for duplicate SSH host key fingerprints across multiple VyOS installations in your environment
- Review Dropbear key files in /etc/dropbear/ and /etc/dropbear-initramfs/ for creation timestamps matching the image build date
Monitoring Recommendations
- Configure network monitoring to detect ARP spoofing and other man-in-the-middle indicators
- Implement SSH certificate authority (CA) based authentication where possible
- Enable logging of SSH connection attempts and key exchanges on VyOS devices
- Consider deploying network-based intrusion detection to identify suspicious SSH traffic patterns
How to Mitigate CVE-2025-30095
Immediate Actions Required
- Regenerate Dropbear host keys immediately on all affected VyOS installations
- Update to VyOS 1.4.2 or the latest version of VyOS 1.5 (2025 Q1 release)
- Audit all Debian-based systems using Dropbear with live-build for similar key reuse issues
- Notify users who connect via SSH to verify new host key fingerprints after regeneration
Patch Information
VyOS has released fixed versions addressing this vulnerability. Administrators should update to VyOS 1.4.2 or later for the 1.4 branch, or download the latest VyOS Stream 1.5 2025-Q1 release. For detailed patch information, refer to the VyOS Project March 2025 Update and the VyOS Issue T7217 tracking this vulnerability.
Workarounds
- Remove existing Dropbear keys and regenerate them using the commands provided below
- If Dropbear is not required, disable it and use OpenSSH exclusively for SSH services
- Implement network segmentation to limit exposure of management interfaces
- Deploy VPN or other encrypted tunnels for management access to reduce man-in-the-middle risk
# Remove compromised Dropbear keys
rm -f /etc/dropbear/*key*
rm -f /etc/dropbear-initramfs/*key*
# Regenerate secure RSA host key (4096-bit)
dropbearkey -t rsa -s 4096 -f /etc/dropbear_rsa_host_key
# Reload the Dropbear service or reboot the system
# to apply the new keys before using Dropbear as SSH daemon
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
