A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code.
A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and tracked as CVE-2024-6387.
It was found that on glibc-based Linux systems, the vulnerability—a signal handler race condition in OpenSSH’s server, sshd—allows unauthenticated remote code execution (RCE) as root.
Today, Apple acknowledged that this significant vulnerability also impacts macOS systems.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide
With a CVSS base score of 8.1, this high severity vulnerability in sshd was discovered in Portable OpenSSH versions 8.5p1 to 9.7p1.
Researchers say, in its default configuration, sshd is impacted by this race condition.
The cybersecurity company claimed to have found at least 14 million potentially dangerous OpenSSH server instances over the internet.
It further stated that the issue is a recurrence of an 18-year-old vulnerability, tracked as CVE-2006-5051, fixed and reintroduced in OpenSSH version 8.5p1 in October 2020.
“Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept”, OpenSSH said in its advisory.
Successful exploitation of the vulnerability leads to a complete system compromise and takeover, allowing threat actors to execute arbitrary code.
Apple announced today that this serious issue also affects impacted systems and recommended users patch it right away.
It is recommended that all affected systems be updated to the most recent versions of macOS Monterey 12.7.6, macOS Ventura 13.6.8, and macOS Sonoma 14.6.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access
In a significant development, the Trump administration is reportedly formulating a plan to prevent a…
IBM has announced the resolution of several security vulnerabilities affecting its IBM Security Directory Integrator…
A new security vulnerability has been uncovered in Apache Solr, affecting versions 6.6 through 9.7.0.…
A cybersecurity researcher recently disclosed several critical vulnerabilities affecting Git-related projects, revealing how improper handling…
Researchers from IIT Kharagpur and Intel Corporation have identified a significant security vulnerability in Intel…
Burp Suite 2025.1, is packed with new features and enhancements designed to improve your web…