OpenSSH Vulnerability

Armis Centrix™ for Actionable Threat Intelligence has been reviewing any potential exploitation in the wild of vulnerability (CVE-2024-6387 regreSShion). The exploit requires 10,000 attempts and specific conditions related to the GNU C Library (glibc), making widespread exploitation unlikely.

However, targeted attacks, specifically for IoT, OT and Medical Devices remain a major concern.

Immediate Steps for Protection:

Update Now: The most effective way to mitigate this risk is to update OpenSSH to version 9.8 or later.
Temporary Mitigation: If immediate updating is impossible, set LoginGraceTime to 0 in sshd_config to reduce RCE risk.
Implement Stricter Access Controls: Tighten SSH access control using firewalls and other network security tools.

Armis Platform

Extensions

Cybersecurity Insights from Experts and Billions of Assets

Industries

Public Sector

Securing the Automotive Manufacturing Process with Armis Centrix™

Asset Management and Security

OT/ IoT Security

Medical Device Security

Vulnerability Prioritization and Remediation

Compliance Frameworks

Resources

Armis

The Invisible Front Line: AI-powered Cyber Threats Illuminate the Dark Side

Partners

Partner Portal

About Us

Connect With Us