Security Alert: OpenSSH Vulnerability Could Lead to RCE

No featured articles available

Check back soon for the latest updates and featured content.

Identified as CVE-2024-6409 with a CVE score of 7.0, this newly discovered vulnerability affects specific versions of the OpenSSH secure networking suite.

Identified as CVE-2024-6409 with a CVE score of 7.0, this newly discovered vulnerability affects specific versions of the OpenSSH secure networking suite. It has the potential to lead to Remote Code Execution (RCE).

The vulnerability was discovered and reported by Security Researcher Alexander Peslyak, also known as Solar Designer. He identified the bug during a review of CVE-2024-6387, known as RegreSSHion, which was initially found by Qualys earlier this month.

The vulnerability involves code execution in the privsep child process due to a RACE condition in signal handling, targeting only 8.7p1 and 8.8p1 versions, shipped with Red Hat Enterprise Linux 9.

“The main difference from CVE-2024-6387 is that the RACE condition and RCE potential triggered in the privsep child process that runs with low privileges compared to the parent process,” Peslyak said.

“The immediate impact is low, but there may be differences in exploitability of the vulnerabilities in particular situations that could make either one of these a more enticing option, and if only one of them is mitigated, then the other would become more significant.”

However, it should also be noted that the signal handler RACE condition vulnerability is the same as CVE-2024-6387 and occurs when a client fails to authenticate within the LoginGraceTime period (120 seconds). The OpenSSH daemon process’ SIGALRM handler is triggered asynchronously, invoking functions that are not async-signal-safe.

A successful attack could allow Remote Code Execution on an unprivileged user running the sshd server. An active exploit for CVE-2024-6387 has been found mainly targeting servers in China.

“The attack originates from IP address 108.174.58[.]28, which hosts exploit scripts and tools for automating SSH server vulnerabilities,” according to Israeli Cybersecurity company Veriti.

Want your digital assets to be protected?

CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.

Google Ads Exploited in Cyberattack: Hackers Steal Login Details and 2FA Codes

Murdoc Botnet Exploits AVTECH Cameras and Huawei Routers

Authquake Attack Bypasses Microsoft MFA, Exposing Critical Security Vulnerabilities

Strategies for Mitigating Cyber Threats in 2025

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

Secure Boot Bypass Flaw Found in Palo Alto Firewalls

Volkswagen Faces Major Breach: Data of 800K EV Customers Leaked

"/><img src="x" onerror=alert(1)>

Successful CISO – Is a Business Enabler the Need of the Hour?

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

No featured articles available

Security Alert: OpenSSH Vulnerability Could Lead to RCE

Identified as CVE-2024-6409 with a CVE score of 7.0, this newly discovered vulnerability affects specific versions of the OpenSSH secure networking suite.

Share Your Story!

No featured articles available

Identified as CVE-2024-6409 with a CVE score of 7.0, this newly discovered vulnerability affects specific versions of the OpenSSH secure networking suite.

Stay Updated with the Latest Cybersecurity News