Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2019-16905 is a high severity vulnerability with a CVSS score of 7.8. Exploits are available; patches have been released and should be applied urgently.
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and remote code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
| Vendor | Product |
|---|---|
| Siemens | Scalance X204rna Ecc Firmware |
| Siemens | Scalance X204rna Firmware |
| Netapp | Cloud Backup |
| Siemens | Scalance X204rna |
| Openbsd | OpenSSH |
| Netapp | Steelstore Cloud Integrated Storage |
| Siemens | Scalance X204rna Ecc |