
OpenSSH vulnerability reportedly compromises over 14 million servers

OpenSSH servers are reportedly being affected in large numbers by a newly discovered vulnerability, said to be a regression of a previously patched flaw that has resurfaced. According to the report, over 14 million servers are at risk; specifically, servers running versions older than 4.4p1 can be affected by the vulnerability, called regreSSHion. The regression was reportedly introduced in October 2020 (OpenSSH 8.5p1). The vulnerability is labelled and tracked as CVE-2024-6387.

Researchers Identify Major OpenSSH Vulnerability

Cybersecurity firm Qualys, which discovered the vulnerability, said in its report that CVE-2024-6387 is a remote unauthenticated code execution (RCE) vulnerability in the OpenSSH server (sshd). OpenSSH, also known as OpenBSD Secure Shell (SSH), is a suite of tools that enable secure communication over a network. It is a widely deployed implementation of the SSH protocol, which provides a secure, encrypted channel over an unsecured network. It is used both on internal networks and over the Internet.

During its investigation, the cybersecurity firm reportedly found over 14 million potentially vulnerable OpenSSH server instances exposed to the internet. Among these were reportedly 700,000 external, internet-facing instances that were vulnerable to this condition. This high number of exposed servers highlights the magnitude of the risk these systems face.

According to the report, the current vulnerability is a regression of a previously patched vulnerability from 2006, CVE-2006-5051, and is therefore also called regreSSHion. An attacker could hypothetically execute arbitrary code with the highest privileges and compromise the entire system. Threat actors could also bypass critical security mechanisms to gain root access to the affected server.

However, Qualys also noted that this vulnerability is not easily exploitable, as it is a remote race condition. It would likely require multiple break-in attempts before an attack is successful.

The cybersecurity firm advised companies using OpenSSH to apply available patches as soon as possible and prioritize the ongoing update process. Companies are also asked to restrict SSH access via network-based controls to minimize the attack surface.
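To turn the version ranges quoted above into a first-pass inventory check, here is an added example (not code from the article, Qualys or the OpenSSH project) that parses the version out of an sshd banner string and sorts hosts into the buckets the report describes: older than 4.4p1, between 4.4p1 and the regression in 8.5p1, and 8.5p1 or later. The article does not name the release that carries the fix, so `fixed_release` is a parameter the reader sets from their vendor's advisory rather than a value taken from the page; the banner strings in `SAMPLE_BANNERS` are constructed for the example. Distributions routinely backport fixes without changing the upstream version number, so a banner check yields candidates for verification against package metadata, not a final verdict.

```python
import re
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Boundaries as stated in the report: releases older than 4.4p1 carry the
# original 2006 flaw, and the regression was introduced with 8.5p1.
LEGACY_FIXED: Version = (4, 4, 1)
REGRESSION_START: Version = (8, 5, 1)

# Matches "OpenSSH_8.9p1" or "OpenSSH_7.4" inside a banner; the "pN" portable
# release suffix is optional, and a missing suffix is treated as p0.
BANNER_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")


def parse_openssh_version(banner: str) -> Optional[Version]:
    """Extract (major, minor, patch) from an SSH banner; None if not OpenSSH."""
    match = BANNER_RE.search(banner)
    if match is None:
        return None
    major, minor, patch = match.groups()
    return (int(major), int(minor), int(patch or 0))


def classify(banner: str, fixed_release: Optional[Version] = None) -> str:
    """Place a banner into one of the buckets the report describes.

    fixed_release is the first upstream release carrying the fix, supplied by
    the operator from their vendor advisory (hypothetical parameter; the
    article does not state it). Without it, every 8.5p1+ host is reported as
    needing verification.
    """
    version = parse_openssh_version(banner)
    if version is None:
        return "unknown"            # not OpenSSH, or banner hidden/rewritten
    if version < LEGACY_FIXED:
        return "affected-legacy"    # older than 4.4p1
    if version < REGRESSION_START:
        return "not-affected"       # 4.4p1 up to, but excluding, 8.5p1
    if fixed_release is not None and version >= fixed_release:
        return "fixed"              # at or beyond the vendor-stated fix
    return "verify-regression"      # 8.5p1 or later: check backport status


def triage(banners: List[str],
           fixed_release: Optional[Version] = None) -> Dict[str, List[str]]:
    """Group a list of collected banners by classification."""
    buckets: Dict[str, List[str]] = defaultdict(list)
    for banner in banners:
        buckets[classify(banner, fixed_release)].append(banner)
    return dict(buckets)


# Constructed sample banners for the example; none are real hosts.
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_4.3p2",
    "SSH-2.0-OpenSSH_7.4",
    "SSH-2.0-OpenSSH_8.5p1",
    "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6",
    "SSH-2.0-dropbear_2022.83",
]

if __name__ == "__main__":
    for bucket, hosts in sorted(triage(SAMPLE_BANNERS).items()):
        print(f"{bucket:18} {len(hosts)} host(s)")
        for host in hosts:
            print(f"    {host}")
```

The "verify-regression" bucket is deliberately the default for anything at 8.5p1 or later: a banner such as "OpenSSH_8.9p1 Ubuntu-3ubuntu0.6" can belong to a patched or an unpatched package, and only the vendor suffix and the installed package version settle it. Pair the output with the network-level restriction the report recommends, so that hosts awaiting confirmation are not reachable from untrusted networks in the meantime.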
