[1][2][3] The attack works by prefix truncation; the injection and deletion of messages during feature negotiation, manipulating sequence numbers in a way that causes other messages to be ignored without an error being detected by either client or server.

[4] As of January 3, 2024, an estimated 11 million publicly accessible SSH servers are still vulnerable.

[5] However, the risk is mitigated by the requirement to intercept a genuine SSH session, and that the attack can only delete messages at the start of a negotiation, fortuitously resulting mostly in failed connections.

[4][6] Additionally the attack requires the use of either ChaCha20-Poly1305 or a CBC cipher in combination with Encrypt-then-MAC modes of encryption.

[9][3] In addition to the main attack, two other vulnerabilities were found in AsyncSSH, and assigned the CVE IDs CVE-2023-46445 and CVE-2023-46446.