Warning of OpenSSH vulnerability

The National Cyber Security Centre SK-CERT warns of a vulnerability in OpenSSH that could be exploited by remote unauthenticated attackers for remote code execution (RCE) or denial of service (DoS).

OpenSSH is a popular tool used for secure communication, remote access or secure data transfer. It is an open-source implementation of the Secure Shell (SSH) communications protocol and is most often used on servers with Linux, BSD operating systems as well as on various devices such as Wi-Fi routers, IP phones and more.

The vulnerability is tracked as CVE-2023-25136. It is a double-free vulnerability. Exploiting this type of vulnerability for a denial of service is trivial, but today a proof-of-concept is available on how to exploit this vulnerability for much more dangerous remote code execution.

The critical vulnerability CVE-2023-25136 was assigned a CVSS score of 9.8.

Versions affected by this vulnerability:

• OpenSSH v. 9.1 and earlier

Regarding the mentioned vulnerability, the National Cyber Security Centre SK-CERT recommends the following to all users who use the vulnerable version of OpenSSH:

• immediately update the vulnerable version to the latest version,
• in the event of a cybersecurity incident detection, report the incident to the National Cyber Security Centre SK-CERT at [email protected].

Sources

• https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/
• https://thesecmaster.com/how-to-fix-cve-2023-25136-a-pre-authentication-double-free-vulnerability-in-openssh/#Summary_of_CVE-2023-25136
• https://nvd.nist.gov/vuln/detail/CVE-2023-25136

« Späť na zoznam