Thousands of servers could be at risk due to major OpenSSH security flaw

OpenSSH, regarded as one of the “most secure software implementations in the world” has a “glaring gap” that allows threat actors to completely take over Linux systems that have it installed, experts have warned.

A report from Qualys claims the vulnerability has been present in OpenSSH for four years, and is currently affecting some 14 million endpoints worldwide.

Qualys dubbed its finding ‘regreSSHion’, and says it is now tracked as CVE-2024-6387. The flaw was named ‘regreSSHion’ since it is a regression of the previously patched vulnerability CVE-2006-5051, fixed back in 2006. A regression is a flaw that was once fixed but was later reintroduced.

RegreSSHion

“If exploited, this vulnerability allows an attacker to execute arbitrary code with the highest privileges, leading to complete system takeover, installation of malware, creation of backdoors, and more,” the researchers said.

In a blog post detailing the findings, Qualys says that anonymized data from its CSAM 3.0 with External Attack Surface Management data revealed approximately 700,000 external internet-facing instances as vulnerable.

“This accounts for 31% of all internet-facing instances with OpenSSH in our global customer base,” the researchers added. “Interestingly, over 0.14% of vulnerable internet-facing instances with OpenSSH service have an End-Of-Life/End-Of-Support version of OpenSSH running.”

As per the warning given out by the researchers, the vulnerability is as serious as the Apache Log4J issue discovered back in 2021. That issue, tracked as CVE-2021-44228, and dubbed Log4Shell, was found in the Log4J logging library, widely used in Java applications. It allowed threat actors to execute malicious code remotely, and essentially take over the entire endpoint.

It was said that it impacted a vast number of organizations across different industries, including powerhouses such as Apple, Amazon, Tesla, and others. While the exact number of companies affected is impossible to determine, general consensus is that Log4Shell affected hundreds of millions of applications and devices globally.

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/w7dvCXfJZfNUvhV9EE8g9k-1200-80.jpg

Source link

ExpressVPN vs Proton VPN – which is better?

Prime Day | TechRadar

Asus Vivobook S 15 Copilot+ review: beautiful laptop, half-baked AI

Save on Super Mario RPG, Super Mario Bros. Wonder, and more with lowest-ever prices on Nintendo Switch games at Amazon ahead of Prime Day

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Faruqi & Faruqi, LLP Investigates Claims on Behalf of Investors of Cambium By Investing.com

Americans take a break to celebrate Independence Day By Reuters

Faruqi & Faruqi, LLP Investigates Claims on Behalf of Investors of Biogen By Investing.com

Faruqi & Faruqi, LLP Investigates Claims on Behalf of Investors of UnitedHealth By Investing.com

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Thousands of servers could be at risk due to major OpenSSH security flaw

ExpressVPN vs Proton VPN – which is better?

Faruqi & Faruqi, LLP Investigates Claims on Behalf of Investors of Cambium By Investing.com

Prime Day | TechRadar

Americans take a break to celebrate Independence Day By Reuters

Leave a reply Cancel reply