Serious vulnerability in OpenSSH threatens millions of servers

According to TechRadar, a serious security vulnerability called 'regreSSHion' (CVE-2024-6387) has existed in OpenSSH for more than 4 years and is threatening many servers around the world.

OpenSSH is one of the most trusted security software in the world. The discovered vulnerability is said to affect approximately 14 million endpoint devices globally.

Picture 1 of Serious vulnerability in OpenSSH threatens millions of servers

According to experts at Qualys, if the 'regreSSHion' vulnerability is successfully exploited, an attacker can completely take control of the system, install malicious code, create backdoors and perform many other dangerous acts.

In up to 700,000 cases, representing 31% of the total number of cases in Qualys' global customer base, OpenSSH facing the external internet was identified as vulnerable.

In fact, 'regreSSHion' is a re-introduction of a vulnerability that was previously patched in 2006.

Experts warn the 'regreSSHion' vulnerability has the same severity as the Log4Shell issue in Apache Log4J in 2021, one of the most serious computer security vulnerabilities ever discovered affecting hundreds of millions applications and devices worldwide.

Currently, there is no information that this vulnerability has been exploited in practice, but experts recommend that users and organizations need to update OpenSSH to the latest version to patch the vulnerability and ensure system security. system.

Update 04 July 2024
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile