Technology

PTA Issues Alert on “regreSSHion” Vulnerability in OpenSSH for Linux Systems

The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory regarding a critical vulnerability in OpenSSH’s server component on Linux systems.

The flaw, known as CVE-2024-6387, or “regreSSHion”, enables unauthenticated remote code execution (RCE) with root privileges, posing a significant threat of complete system compromise.

The vulnerability is associated with OpenSSH’s integration with glibc, which elevates the likelihood of exploitation. It impacts OpenSSH versions 8.5p1 through 9.7p1. To alleviate the situation, the OpenSSH maintainers have implemented security upgrades.

The vulnerability was classified as high severity by the PTA, which urged immediate action. It is strongly advised that OpenSSH users upgrade to the recent version (9.8p1), which is accessible on the official OpenSSH website.

Additionally, it is advised to restrict SSH access, implement network segmentation, and ensure that all systems are consistently updated with the most recent security upgrades to prevent exploitation.

The advisory also guided how to report incidents that were associated with this vulnerability. Users who experience security vulnerabilities are advised to promptly submit them through the PTA CERT Portal or the authority’s official email channels. The objective of these measures is to improve the overall cybersecurity resilience and reduce the risk associated with the regreSSHion vulnerability.

 

Sponsored
Tehniyat Zafar

Share
Published by
Tehniyat Zafar

Recent Posts

IT Minister Reveals Rs. 1 Million Annual Salary for PTCL Board Officers

Pakistan Telecommunication Company Limited (PTCL) has told the Senate of Pakistan that government personnel acting…

9 hours ago

CM Punjab Seeks Huawei’s Collaboration to Transform Lahore into a Smart City

Punjab Chief Minister Maryam Nawaz, during her official visit to China, announced a collaboration with…

9 hours ago

National Forensics Agency to Be Established Following Senate Approval

The Senate of Pakistan has passed legislation to establish the National Forensics Agency (NFA), a…

9 hours ago

38000 Out of 2.32 Million Freelancers Hold Bank Accounts

As shocking news broke during a high-level meeting of the Prime Minister’s Committee on IT…

9 hours ago

Fake Degree Scandal Leads to DG NADRA Zulfiqar Ahmed’s Termination

DG Zulfiqar Ahmed has been dismissed from his position by the National Database and Registration…

10 hours ago

Supreme Court Declares Software Payments as Business Income, Not Royalties

The Supreme Court of Pakistan’s review bench has determined that payments for the use of…

10 hours ago