Risky Bulletin Newsletter
July 03, 2024
Risky Biz News: Unauth RCE in OpenSSH—a scary combination of words
Presented by

News Editor
There's an unauthenticated remote code execution vulnerability in OpenSSH. We're all gonna d... Nah, I'm kidding! It's actually not as bad as that combination of words makes it seem.
The vulnerability was discovered and disclosed on Monday by security firm Qualys. It is tracked as CVE-2024-6387 and is also known under the name of regreSSHion.
It impacts all OpenSSH versions released since October 2020.