Published on: 02 July 2024
Last update on: 03 July 2024
OpenSSH has released a new version to address a vulnerability in various versions of OpenSSH. The details of the security update can be found at:
https://www.openssh.com/txt/release-9.8
Reports indicate that the proof-of-concept (PoC) for the vulnerability (CVE-2024-6387) in OpenSSH is publicly available. In addition, a remote code execution vulnerability (CVE-2024-6409) was discovered. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.
Successful exploitation of the vulnerability could lead to remote code execution on an affected system.
Software update for affected systems is now available. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.