Thomas Hoger

**Name of the Vulnerable Software and Affected Versions** OpenSSH versions prior to 7.2 **Description** The issue is related to errors in security settings of the OpenSSH client, specifically with the handling of failed cookie generation for untrusted X11 forwarding. This allows a remote attacker to obtain trusted X11 forwarding privileges by leveraging configuration issues on the local X11 server, such as the lack of the SECURITY extension. The attacker can trigger a fallback and gain access to the target local X server. **Recommendations** For OpenSSH versions prior to 7.2, update to version 7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the X11 server or disabling untrusted X11 forwarding until a patch is available.