regreSSHion: RCE in OpenSSH’s server

  • Level: High
  • CVE(s):  CVE-2024-6387
  • Affected Devices: MHD-8100-4G Rev.1.1

Overview

On Monday, July 1, 2024. The Qualys Threat Research Unit published a security advisory detailing a re-introduction of a previously patched unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems, assigned to CVE-2024-6387, dubbed regreSSHion.

Vulnerable OpenSSH Versions

Qualys reports that the following versions of OpenSSH are vulnerable to CVE-2024-6387:

Version Vulnerable
OpenSSH < 4.4p1 Yes (unless patches have been backported against (CVE-2006-5051 and CVE-2008-4109)
4.4p1 <= OpenSSH < 8.5p1 No
8.5p1 <= OpenSSH < 9.8p1 Yes

Are SMSEagle products are affected?

The device model MHD-8100 4G Rev.1.1 is affected by the vulnerability.

Remediation

Update your OS packages using a console command:

get-apt-updates

Related Information

SMSEagle Security Advisories

SMSEagle continuously monitors and reports cybersecurity threats, enabling our customers to proactively take necessary mitigation steps to maintain the security of their devices. To assist you in managing and mitigating security risks SMSEagle offers product advisories.