A large number of OpenSSH servers are affected by a newly discovered vulnerability. This vulnerability is said to be a regression of a previously patched vulnerability that has resurfaced. According to the report, more than 14 million servers were found to be at risk, especially those with versions prior to 4.4p1 may be affected by this vulnerability called regreSSHion. This regression was introduced in October 2020 (OpenSSH 8.5p1). The vulnerability has been tagged and is being tracked as CVE-2024-6387.
Researchers identify a major OpenSSH vulnerability
Cybersecurity firm Qualys, which discovered the vulnerability, said in a post that CVE-2024-6387 is a remote unauthenticated code execution (RCE) vulnerability in the OpenSSH (sshd) server. OpenSSH, also known as OpenBSD Secure Shell (SSH), is a set of tools that facilitate secure communication over a network. It is a widely implemented SSH protocol that provides a secure encrypted channel over an unsecured network. The system is used for both internal networks and the Internet.
During the investigation, the cybersecurity firm found more than 14 million potentially vulnerable OpenSSH server instances that were exposed on the Internet. Among them, it was reported that there were 7,00,000 external instances on the Internet that were vulnerable to the disease. This large number of exposed servers highlights the scale of risk these systems have.
According to the report, the current vulnerability is a regression of a previously patched vulnerability from 2006 called CVE-2006-5051, which is why it's also called regreSSHion. An attacker could hypothetically execute arbitrary code with the highest privileges and compromise the entire system due to this vulnerability. Other threat actors can also bypass critical security mechanisms to gain root access to the affected server.
However, Qualys also noted that this vulnerability is not easy to exploit because it is a remote race condition, and will likely require multiple intrusion attempts before an attack is successful.
The cybersecurity firm recommended that companies using OpenSSH apply available patches as soon as possible and prioritize the ongoing update process. Companies are also urged to limit SSH access using network-based controls to minimize the risks of attack.
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and technology, subscribe to our YouTube channel. If you want to know all about the best influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Mudrex, KoinX partner to process crypto taxes for users in India
