News Post

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

ArstechnicaArstechnica · 3m
“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Researchers have discovered a critical vulnerability in the OpenSSH networking utility that could allow attackers to gain complete control over Linux and Unix servers without the need for authentication. The vulnerability, known as CVE-2024-6387, enables remote code execution with root system rights on Linux systems that use glibc. This vulnerability, resulting from a regression introduced in 2020, could lead to system compromise, malware installation, data manipulation, and the creation of backdoors. While the severity of the threat is significant, factors such as the attack's time-consuming nature and limitations on OS versions make mass exploitation unlikely. However, targeted attacks may still be possible.

Comments

Download the medial app to read full posts, comements and news.