Serious vulnerability in OpenSSH threatens millions of servers
OpenSSH is one of the most trusted security software in the world. The discovered vulnerability is said to affect approximately 14 million endpoint devices globally.
According to experts at Qualys, if the 'regreSSHion' vulnerability is successfully exploited, an attacker can completely take control of the system, install malicious code, create backdoors and perform many other dangerous acts.
In up to 700,000 cases, representing 31% of the total number of cases in Qualys' global customer base, OpenSSH facing the external internet was identified as vulnerable.
In fact, 'regreSSHion' is a re-introduction of a vulnerability that was previously patched in 2006.
Experts warn the 'regreSSHion' vulnerability has the same severity as the Log4Shell issue in Apache Log4J in 2021, one of the most serious computer security vulnerabilities ever discovered affecting hundreds of millions applications and devices worldwide.
Currently, there is no information that this vulnerability has been exploited in practice, but experts recommend that users and organizations need to update OpenSSH to the latest version to patch the vulnerability and ensure system security. system.
You should read it
- How to install OpenSSH on Windows 10
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- 12-year vulnerability in pkexec gives hackers root privileges on Linux
- Detected a serious zero-day vulnerability in Microsoft Office, click the document file and it will stick
- PuTTYgen in Linux - SSH key generator
- Introducing OpenSSH
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- What is VENOM Vulnerability? How can you protect yourself?
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
- Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
Maybe you are interested
There is a serious security vulnerability that has existed for 18 years in AMD processors, but it is not too worrying
A dangerous vulnerability that has existed for 18 years threatens millions of AMD Ryzen and EPYC CPUs
Google Workspace security vulnerability caused thousands of user accounts to be attacked
Thousands of iOS apps could be at risk because of an open source vulnerability
Google releases emergency update to patch Chrome vulnerability
Should we be worried about the iPhone vulnerability that forces iMessage to be disabled?