News
Comment: Highly critical vulnerability, affecting most Linux systems, has been found in OpenSSH
July 2024 by Sylvain Cortes, VP Strategy at Hackuity
News has emerged that a highly critical vulnerability, affecting almost all Linux systems, has been found in OpenSSH and could be a major issue for organisations in the event of an exploit.
Sylvain Cortes, VP Strategy at Hackuity comments:
“Virtually all Linux distributions, with the exception of Alpine Linux, are susceptible to this vulnerability. In the event of a successful exploit, adversaries could perform unauthenticated remote code execution (RCE) with root privileges, opening up potential for a myriad of malicious activities: deployment of malware, establishment of backdoors, and the exfiltration of highly sensitive data, to name a few.
Fortunately, Vendors are starting to release fresh patches; and security teams must prioritise their implementation to avert the threat level posed. The greatest challenge now lies in fixing a vulnerability of such scale - with 14 million OpenSSH systems potentially impacted, the potential for an incident of successful exploitation remains huge. Identifying and prioritising these specific systems in your own organisation is mission critical."
