PatchSiren cyber security CVE debrief
CVE-2026-58317 TeraTerm Project CVE debrief
CVE-2026-58317 Unsigned to Signed Conversion Error vulnerability in TTSSH2 plugin of Tera Term. Out-of-bounds read/write may occur when establishing an SSH connection to a server set up by an attacker, potentially transmitting contents of adjacent memory regions. This may cause Tera Term to behave unexpectedly or terminate abnormally. Users should apply patches and verify Tera Term and TTSSH2 plugin versions.
- Vendor
- TeraTerm Project
- Product
- TTSSH2
- CVSS
- MEDIUM 5.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-17
- Original CVE updated
- 2026-07-17
- Advisory published
- 2026-07-17
- Advisory updated
- 2026-07-17
Who should care
Users of Tera Term with TTSSH2 plugin installed should apply patches to prevent potential out-of-bounds read/write. IT administrators and security teams responsible for Tera Term deployments should review and update their systems. Vulnerability management and security teams should prioritize patching and verify system configurations.
Technical summary
The TTSSH2 plugin of Tera Term has an Unsigned to Signed Conversion Error (CWE-196) vulnerability. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. This could transmit contents of adjacent memory regions to the server, causing Tera Term to behave unexpectedly or terminate abnormally. The vulnerability exists due to improper conversion of unsigned to signed values.
Defensive priority
Medium priority due to potential for unexpected behavior or abnormal termination and data transmission.
Recommended defensive actions
- Apply patches provided by Tera Term Project
- Verify and update Tera Term and TTSSH2 plugin to latest versions
- Restrict SSH connections to trusted servers
- Review system configurations and monitor for suspicious SSH connections
- Perform vulnerability management and prioritize patching
- Verify Tera Term and TTSSH2 plugin versions
- Check relevant monitoring, detection, and logs for exposed assets
Evidence notes
Evidence from official CVE record and NVD detail. Limited information available on affected scope and vendor remediation. Defenders should verify Tera Term and TTSSH2 plugin versions, review system configurations, and monitor for suspicious SSH connections. Additional evidence from JVN65294474 and JVN65294474-en references.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-17T05:16:40.180Z and has not been modified since then.