The Pakistan Telecommunication Authority (PTA) has released a Cyber Security Advisory warning about a critical vulnerability in OpenSSH’s server component on Linux systems, identified as CVE-2024-6387 and nicknamed “regreSSHion.”
The flaw, present in OpenSSH versions 8.5p1 through 9.7p1, allows unauthenticated remote code execution (RCE) as root, so a successful attack means complete compromise of the affected host. According to the advisory, the vulnerability stems from how the OpenSSH server interacts with glibc, which is why glibc-based Linux systems are the ones exposed to exploitation.
OpenSSH maintainers have released security patches to address the issue, with version 9.8p1 now available for download on the official OpenSSH website. However, PTA cautioned that inadvertent regressions during development cycles could result in similar vulnerabilities reappearing in future updates, underscoring the need for rigorous testing.
Urgent Recommendations
PTA has classified the flaw as high-severity and urged users to take immediate action, including:
- Upgrading OpenSSH: Update to the latest patched version (9.8p1).
- Network Segmentation: Restrict SSH access to trusted networks only.
- Regular Security Updates: Ensure all systems are patched and up to date.
These measures are critical to preventing exploitation and mitigating risks associated with the regreSSHion vulnerability.
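As an added check that is not part of the PTA advisory, the POSIX shell function below classifies an OpenSSH version string against the affected range named above (8.5p1 through 9.7p1, fixed in 9.8p1). The function name, the output labels and the assumption that `ssh -V` reports the same build as the running `sshd` are my own.

```shell
#!/bin/sh
# regresshion_status VERSION
#   VERSION is either a bare OpenSSH version ("9.6p1") or the banner that
#   "ssh -V" prints ("OpenSSH_9.6p1, OpenSSL 3.0.13 30 Jan 2024").
#   Prints one of: affected | patched | before-range | unknown
#   Returns 0 for "affected", 1 otherwise, 2 when the string cannot be parsed.
regresshion_status() {
  v=${1#OpenSSH_}          # drop the banner prefix if present
  v=${v%%[!0-9.]*}         # keep only the leading "major.minor" digits
  case $v in
    [0-9]*.[0-9]*) major=${v%%.*}; minor=${v#*.}; minor=${minor%%.*} ;;
    *)             echo unknown; return 2 ;;
  esac
  case $minor in ''|*[!0-9]*) echo unknown; return 2 ;; esac
  key=$((major * 100 + minor))             # 9.7 -> 907, 8.5 -> 805
  if   [ "$key" -ge 908 ]; then echo patched;      return 1   # 9.8p1 or later
  elif [ "$key" -ge 805 ]; then echo affected;     return 0   # 8.5p1 .. 9.7p1
  else                          echo before-range; return 1   # older than the advisory's range
  fi
}

# With version strings as arguments, classify each one; with no arguments,
# inspect the local ssh binary when one is installed (constructed convenience wrapper).
if [ "$#" -gt 0 ]; then
  for v in "$@"; do printf '%s\t%s\n' "$v" "$(regresshion_status "$v")"; done
elif command -v ssh >/dev/null 2>&1; then
  banner=$(ssh -V 2>&1)
  printf '%s\t%s\n' "$banner" "$(regresshion_status "$banner")"
fi
```

Distributions frequently backport the fix without changing the version number, so "affected" here means "confirm against the package changelog or vendor advisory", not that the host is exploitable.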
Incident Reporting
PTA also provided guidance for reporting security breaches linked to this flaw. Users encountering incidents are encouraged to report them promptly via the PTA CERT Portal or through the authority’s official email channels.
The advisory is part of PTA’s broader effort to enhance cybersecurity resilience across Pakistan, emphasizing vigilance and timely action to combat evolving digital threats.