A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code.
A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and tracked as CVE-2024-6387.
It was found that on glibc-based Linux systems, the vulnerability—a signal handler race condition in OpenSSH’s server, sshd—allows unauthenticated remote code execution (RCE) as root.
Today, Apple acknowledged that this significant vulnerability also impacts macOS systems.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide
With a CVSS base score of 8.1, this high severity vulnerability in sshd was discovered in Portable OpenSSH versions 8.5p1 to 9.7p1.
Researchers say, in its default configuration, sshd is impacted by this race condition.
The cybersecurity company claimed to have found at least 14 million potentially dangerous OpenSSH server instances over the internet.
It further stated that the issue is a recurrence of an 18-year-old vulnerability, tracked as CVE-2006-5051, fixed and reintroduced in OpenSSH version 8.5p1 in October 2020.
“Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept”, OpenSSH said in its advisory.
Successful exploitation of the vulnerability leads to a complete system compromise and takeover, allowing threat actors to execute arbitrary code.
Apple announced today that this serious issue also affects impacted systems and recommended users patch it right away.
It is recommended that all affected systems be updated to the most recent versions of macOS Monterey 12.7.6, macOS Ventura 13.6.8, and macOS Sonoma 14.6.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access
Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s…
Security researchers have uncovered a novel Bluetooth tracking vulnerability in Apple’s Find My network –…
Cybersecurity firm Group-IB, alongside the Royal Thai Police and Singapore Police Force, announced the arrest…
Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability…
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks…
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that…