PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-58317 TeraTerm Project CVE debrief

CVE-2026-58317 Unsigned to Signed Conversion Error vulnerability in TTSSH2 plugin of Tera Term. Out-of-bounds read/write may occur when establishing an SSH connection to a server set up by an attacker, potentially transmitting contents of adjacent memory regions. This may cause Tera Term to behave unexpectedly or terminate abnormally. Users should apply patches and verify Tera Term and TTSSH2 plugin versions.

Vendor
TeraTerm Project
Product
TTSSH2
CVSS
MEDIUM 5.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-17
Original CVE updated
2026-07-17
Advisory published
2026-07-17
Advisory updated
2026-07-17

Who should care

Users of Tera Term with TTSSH2 plugin installed should apply patches to prevent potential out-of-bounds read/write. IT administrators and security teams responsible for Tera Term deployments should review and update their systems. Vulnerability management and security teams should prioritize patching and verify system configurations.

Technical summary

The TTSSH2 plugin of Tera Term has an Unsigned to Signed Conversion Error (CWE-196) vulnerability. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. This could transmit contents of adjacent memory regions to the server, causing Tera Term to behave unexpectedly or terminate abnormally. The vulnerability exists due to improper conversion of unsigned to signed values.

Defensive priority

Medium priority due to potential for unexpected behavior or abnormal termination and data transmission.

Recommended defensive actions

  • Apply patches provided by Tera Term Project
  • Verify and update Tera Term and TTSSH2 plugin to latest versions
  • Restrict SSH connections to trusted servers
  • Review system configurations and monitor for suspicious SSH connections
  • Perform vulnerability management and prioritize patching
  • Verify Tera Term and TTSSH2 plugin versions
  • Check relevant monitoring, detection, and logs for exposed assets

Evidence notes

Evidence from official CVE record and NVD detail. Limited information available on affected scope and vendor remediation. Defenders should verify Tera Term and TTSSH2 plugin versions, review system configurations, and monitor for suspicious SSH connections. Additional evidence from JVN65294474 and JVN65294474-en references.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-17T05:16:40.180Z and has not been modified since then.