Critical OpenSSH Vulnerability Leaves Over 14 Million Servers Potentially At Risk
ITPro, Monday, July 1st, 2024
Researchers have uncovered the first security flaw affecting OpenSSH in almost two decades, and it's a big one - here's what you need to know
Researchers at cybersecurity platform Qualys have uncovered a critical security flaw in OpenSSH's server (sshd) on glibc-based Linux systems, which could potentially impact over 14 million internet-facing servers.
CVE-2024-6387 is an unauthenticated remote code execution (RCE) vulnerability that could grant threat actors full root access if exploited successfully.
The blog noted this flaw marks the first security vulnerability affecting OpenSSH in nearly two decades, and is especially dangerous by virtue of the number of enterprises that rely on the tool for remote server management.