Another week, and another seemingly hair-raising security issue crops up: this time it's a vulnerability affecting a common application millions of people use for remote access over networks, namely OpenSSH. Except a bug has been found that potentially makes the remote access tool potentially a lot less secure. As per infosec industry custom, the critical bug was given a snazzy logo and a catchy name by Qualys: regreSSHion. #regreSSHion #CVE20246387 — Faisal (@faisalusuf) July 1, 2024Cutting to the chase, if an attacker is successful in exploiting the regreSSHion bug, it opens up the target system completely. Qualys said attackers can get root access; this is the highest level of privilege for an account on UNIX-like systems.

Source: Stuff July 02, 2024 12:46 UTC