Warning of OpenSSH vulnerability
The National Cyber Security Centre SK-CERT warns of a vulnerability in OpenSSH that could be exploited by remote unauthenticated attackers for remote code execution (RCE) or denial of service (DoS).
OpenSSH is a popular tool used for secure communication, remote access and secure data transfer. It is an open-source implementation of the Secure Shell (SSH) communications protocol and is most often used on servers running Linux and BSD operating systems, as well as on various devices such as Wi-Fi routers, IP phones and more.
The vulnerability is tracked as CVE-2023-25136. It is a double-free vulnerability. Exploiting this type of vulnerability for a denial of service is trivial, but a proof-of-concept is now available that shows how to exploit it for the much more dangerous remote code execution.
The critical vulnerability CVE-2023-25136 was assigned a CVSS score of 9.8.
Versions affected by this vulnerability:
- OpenSSH v. 9.1 and earlier
Regarding the mentioned vulnerability, the National Cyber Security Centre SK-CERT recommends the following to all users who use the vulnerable version of OpenSSH:
- immediately update the vulnerable version to the latest version,
- if a cybersecurity incident is detected, report it to the National Cyber Security Centre SK-CERT at [email protected].
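To find hosts that need the update, the version check can be scripted. The following is an added example, not part of the original advisory: it compares OpenSSH version strings with the affected range exactly as stated above (9.1 and earlier). The function names and the sample banners are constructed for illustration.

```sh
#!/bin/sh
# Added example: compare OpenSSH version strings with the range this advisory
# lists as affected by CVE-2023-25136 ("OpenSSH v. 9.1 and earlier").

# Print "major.minor" found in an `ssh -V` line or SSH banner; return 1 if none.
openssh_version() {
    v=$(printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# Return 0 when major.minor is 9.1 or lower (the advisory's stated range).
in_advisory_range() {
    major=${1%%.*}
    minor=${1#*.}
    [ "$major" -lt 9 ] || { [ "$major" -eq 9 ] && [ "$minor" -le 1 ]; }
}

# Print "in-range", "newer" or "unknown" for one version string.
classify() {
    if ver=$(openssh_version "$1"); then
        if in_advisory_range "$ver"; then echo "in-range"; else echo "newer"; fi
    else
        echo "unknown"   # not OpenSSH, or the version is hidden
    fi
}

# Constructed sample inputs (not captured from real hosts). On a real system,
# pass the output of `ssh -V 2>&1` or a banner recorded in your inventory.
samples='SSH-2.0-OpenSSH_9.1
OpenSSH_8.9p1 Ubuntu-3ubuntu0.1, OpenSSL 3.0.2 15 Mar 2022
SSH-2.0-OpenSSH_9.2p1 Debian-2
SSH-2.0-dropbear_2022.83'

printf '%s\n' "$samples" | while IFS= read -r line; do
    printf '%-9s %s\n' "$(classify "$line")" "$line"
done
```

Distribution packages often backport security fixes without changing the upstream version number, so treat an "in-range" result as a prompt to check the vendor's advisory for the installed package.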
Sources
- https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/
- https://thesecmaster.com/how-to-fix-cve-2023-25136-a-pre-authentication-double-free-vulnerability-in-openssh/#Summary_of_CVE-2023-25136
- https://nvd.nist.gov/vuln/detail/CVE-2023-25136