OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
OpenSSH servers in large numbers are reportedly affected by a newly discovered vulnerability. This vulnerability is said to be a regression of a previously patched vulnerability that has resurfaced. As per the report, more than 14 million servers were found to be at risk, particularly those with versions earlier than 4.4p1 can be affected by this vulnerability dubbed regreSSHion. This regression was reportedly introduced in October 2020 (OpenSSH 8.5p1). The vulnerability has been labelled and is being tracked as CVE-2024-6387.
Researchers identify major OpenSSH vulnerabilityCybersecurity firm Qualys, which discovered the vulnerability, said in a post that CVE-2024-6387 is a remote unauthenticated code execution (RCE) vulnerability in OpenSSH's server (sshd). OpenSSH, also referred to as OpenBSD Secure Shell (SSH), is a suite of tools that facilitate secure communication over a network. It is a widely implemented SSH protocol that provides a safe encrypted channel over an unsecured network. The system is used for both internal networks as well as over the Internet.
During the investigation, the cybersecurity firm reportedly found more than 14 million potentially vulnerable OpenSSH server instances that were exposed to the Internet. Among them, there were reportedly 7,00,000 external internet-facing instances that were vulnerable to the condition. This high number of exposed servers highlights the scale of risk these systems face.
Medusa Banking Trojan Returns to Target Android Users in These CountriesAs per the report, the current vulnerability is a regression of a previously patched vulnerability from 2006 dubbed CVE-2006-5051, which is why it is also being called regreSSHion. An attacker can hypothetically execute arbitrary code with the highest privileges and compromise the entire system due to this vulnerability. Further threat actors can also bypass critical security mechanisms to gain root access to the impacted server.
However, Qualys also pointed out that this vulnerability is not easy to exploit due to it being a remote race condition, and it will likely require multiple break-in attempts before an attack results in success.
BSNL Reportedly Suffers Major Data Breach Affecting Millions of Users Apple’s Internal Tools’ Source Code Allegedly Stolen, Leaked on Dark WebThe cybersecurity firm recommended enterprises using OpenSSH to apply available patches as soon as possible and to prioritise the ongoing update process. Enterprises are also asked to limit SSH access through network-based controls to minimise the attack risks.
.embed-container { position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden; max-width: 100%; } .embed-container iframe, .embed-container object, .embed-container embed { position: absolute; top: 0; left: 0; width: 100%; height: 100%; } Is the Samsung Galaxy Z Flip 5 the best foldable phone you can buy in India right now? We discuss the company's new clamshell-style foldable handset on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.Affiliate links may be automatically generated - see our ethics statement for details.
OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
OpenSSH Vulnerability regreSSHion Identified, More Than 14 Million Servers at Risk: Report
Play online games for free at games.easybranches.com
Guest Post Services www.easybranches.com/contribute