The Download
Researchers at security firm Qualys found a severe vulnerability in the popular remote login protocol OpenSSH that has a massive worldwide footprint. The vulnerability (CVE-2024-6387) allows unauthenticated remote code execution. The vulnerability is an older vulnerability from 2006 that was re-introduced in October 2020 with the release of OpenSSH 8.5p1. Software bug regression is not a new phenomena, which is often why regression tests are run before releasing software to ensure old fixed bugs are not re-introduced.
The scale of the exposure is potentially massive. An internet wide scan with Shodan and Censys yielded over 14 million potentially vulnerable instances of the RegreSSHion bug. If you are running an older version of OpenSSH you likely have this vulnerability.
What You Can Do
There is a time window between the disclosure of the bug and its weaponization and wide scale exploitation. Because OpenSSH is mostly used for remote administration, this means once the bug is weaponized in toolkits, massive scanning and exploitation will begin. Now is the time window to both discover and patch the bug. Upgrading OpenSSH to version 9.8p1 or later will remedy the vulnerability. Use ThreatMate to discover your attack surfaces, external and internal.
To Learn More:
Comments