Watch out for the malicious OpenSSH exploit using CVE-2024-6387 POCs

Watch out for the malicious OpenSSH exploit using CVE-2024-6387 POCs



A new OpenSSH race condition CVE-2024-6409 exploit has been identified, following a warning from Kaspersky about a fake RegreSSHion exploit targeting security researchers. The RegreSSHion vulnerability, CVE-2024-6387, was falsely claimed to have a proof of concept exploit on various forums. However, a legitimate exploit for CVE-2024-6387 has been confirmed, while a new vulnerability, CVE-2024-6409, has been discovered in OpenSSH. The vulnerabilities pose a risk to millions of users with the potential for remote attackers to gain root access. Security researchers have identified ways to mitigate the risks by applying specific configurations. Additionally, the proliferation of fake proofs of concept is concerning, as they may contain malware that exploits the curiosity of security researchers. Various vendors are working to address CVE-2024-6387 in their products, but experts advise against panicking, as the exploitation process is complex and requires specific knowledge of the target system. Nonetheless, organizations should remain vigilant and implement necessary security measures to protect against potential exploits.

Article Source
https://www.thestack.technology/openssh-exploit-cve-2024-6387-pocs/