Overview

The Qualys Threat Research Unit (TRU) disclosed a remote unauthenticated code execution (RCE) vulnerability in the OpenSSH server (sshd) on glibc-based Linux systems in July 2024. The CVE assigned to this vulnerability is CVE-2024-6387.

Advisory Details  


Advisory ID: ASA-2024-0701
Issue Date:  2024-07-01
Severity:    > 8
CVE:         CVE-2024-6387



Vulnerability Details


CVE-2024-6387, also known as regreSSHion, is a critical vulnerability in the OpenSSH server on glibc-based Linux systems. It allows a remote attacker to gain full control of the system without any login credentials. This is particularly dangerous because sshd is exposed in its default configuration on many servers. The vulnerability arises from a flaw in how sshd handles signals, which creates an opportunity for an attacker to inject malicious code and run it with the highest privileges.

Due to the ease of exploitation and the potential for complete system takeover, this vulnerability is classified as critical.



Affected Products


Product Name              Affected Version
Accops HySecure Gateway   HySecure 5.4 SP2 with COS-1007 applied
                          HySecure 5.4 SP5 with COS-1007 applied
                          HySecure 5.4 SP6 with COS-1008 applied
Accops HyID               HySecure 5.4 SP2 with COS-1007 applied
                          HySecure 5.4 SP5 with COS-1007 applied
                          HySecure 5.4 SP6 with COS-1008 applied



Resolution

Accops has released the following fixes for this security vulnerability:

Module             Fix Type     Fix Details
HySecure Gateway   OS Hotfix    https://support.accops.com/en/support/solutions/articles/12000100577-security-hotfix-ah-cos-cm-os01-5-4-sp5-20240723-hpat
HyID Gateway       OS Hotfix    https://support.accops.com/en/support/solutions/articles/12000100577-security-hotfix-ah-cos-cm-os01-5-4-sp5-20240723-hpat



Contact

Please reach out to [email protected] if you have more questions about this update.