Ssh20cisco125 Vulnerability _verified_

Older Cisco IOS releases (12.x, early 15.x) allowed administrators to generate RSA keys with the command:

Imagine a regional power utility still using Cisco 3825 routers from 2008, running IOS 12.4(24)T. The network admin generated an RSA key in 2012 using modulus 1000. An external attacker scans Shodan for "Cisco IOS" port:22 and filters by weak key exchange. They find 1,200 devices. Using a GPU cluster, they factor 500 keys in 48 hours. They then decrypt captured traffic and retrieve SNMP community strings, enabling remote control of substation breakers. ssh20cisco125 vulnerability