WHAT WE KNOW SO FAR

A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed “regreSSHion” has been found to grant root privileges on glibc-based Linux systems – allowing unauthenticated remote attackers to execute arbitrary code as root.

HOW DID THIS HAPPEN?

The flaw was discovered by researchers at Qualys and assigned the identifier CVE-2024-6387. It was caused by a signal handler race condition in sshd that allows unauthenticated remote attackers to execute arbitrary code as root.

WHAT ARE THE CONSEQUENCES?

Vulnerabilities like regreSSHion can have severe consequences for affected servers, such as:

• Complete system takeover
• Installation of malware
• Data manipulation
• Creation of backdoors for persistent access
• Facilitate network propagation

..IS FREE TRULY FREE?

Open-source products like OpenSSH are incredibly popular amongst the wider community due to its cost efficiency and ease of installation – but companies forget to factor in the costs of incurring risks such as malware, backdoor access or even a complete system takeover.

TECTIA TECHNOLOGY HELPS YOU PROTECT YOUR BUSINESS.

INDUSTRY-LEADING RELIABILITY, EFFICIENCY, SPEED.

With over 25-years history of securing customer environments, Tectia is the preferred choice amongst many Fortune 500 companies. Transfer files 2x faster than OpenSSH, meet compliance standards, and create secure remote access with Tectia today.

Tectia is available in 3 flavours – Tectia Client/Server, Tectia Quantum-Safe, and Tectia Zero Trust.

Check out the Comparison Sheet