Tuesday, September 17, 2024
HomeAppleCritical OpenSSH “regreSSHion” Vulnerability Impacted macOS  Systems, Patch Now

Critical OpenSSH “regreSSHion” Vulnerability Impacted macOS  Systems, Patch Now

Published on

A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code.

A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and tracked as CVE-2024-6387

It was found that on glibc-based Linux systems, the vulnerability—a signal handler race condition in OpenSSH’s server, sshd—allows unauthenticated remote code execution (RCE) as root.

- Advertisement - EHA

Today, Apple acknowledged that this significant vulnerability also impacts macOS systems.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Overview Of The Vulnerability

With a CVSS base score of 8.1, this high severity vulnerability in sshd was discovered in Portable OpenSSH versions 8.5p1 to 9.7p1.

Researchers say, in its default configuration, sshd is impacted by this race condition.

The cybersecurity company claimed to have found at least 14 million potentially dangerous OpenSSH server instances over the internet. 

It further stated that the issue is a recurrence of an 18-year-old vulnerability, tracked as CVE-2006-5051, fixed and reintroduced in OpenSSH version 8.5p1 in October 2020.

“Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept”, OpenSSH said in its advisory.

Successful exploitation of the vulnerability leads to a complete system compromise and takeover, allowing threat actors to execute arbitrary code. 

Apple announced today that this serious issue also affects impacted systems and recommended users patch it right away.

Impacted Systems

It is recommended that all affected systems be updated to the most recent versions of macOS Monterey 12.7.6, macOS Ventura 13.6.8, and macOS Sonoma 14.6.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

Song Wu, a Chinese national, has been indicted on charges of wire fraud and...

Entro Security Labs Releases Non-Human Identities Research Security Advisory

Analysis of millions of real-world NHI secrets by Entro Security Labs reveals widespread, significant...

Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher...

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

Song Wu, a Chinese national, has been indicted on charges of wire fraud and...

Entro Security Labs Releases Non-Human Identities Research Security Advisory

Analysis of millions of real-world NHI secrets by Entro Security Labs reveals widespread, significant...

Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher...