Over 16,400 Private and State-Owned Businesses Exposed to RegreSSHion Vulnerability

Copenhagen, Denmark, July 12, 2024 - A critical security flaw known as RegreSSHion (CVE-2024-6387) has put over 16,400 global organizations at risk of remote compromise, according to a recent investigation by Heimdal. 

This vulnerability, with a CVSS score of 8.1, raises significant concerns within the cybersecurity community due to its potential to enable remote code execution (RCE) on Linux systems.

Discovered by Qualys in June, RegreSSHion affects a considerable number of OpenSSH servers worldwide.

If left unpatched, it could allow attackers to gain full root access to critical servers, network devices, and IoT systems, posing severe threats to the integrity and security of these infrastructures.

Malware analyst Andrei-Mihai Minca's Shodan analysis has revealed an extensive list of vulnerable organizations, including:

  • Top academic institutions in the United States, United Kingdom, and Zurich
  • Major energy companies in France, Canada, and Zimbabwe
  • Respected education and government bodies in the United States, Italy, and Taiwan

To prevent exploitation, Heimdal is withholding the specific identities of these organizations.

A patch is available, and it is crucial for businesses to prioritize updating affected systems to mitigate the risk of exploitation.

Morten Kjaersgaard, founder of Heimdal, emphasized the severity and complexity of the issue:

“It’s important to note that while the vulnerability is severe, actual exploitation is quite complex and time-consuming, requiring thousands of attempts and specific system configurations.

“This makes widespread, indiscriminate exploitation less likely. However, targeted attacks by skilled threat actors remain a significant concern for organizations running vulnerable versions of OpenSSH.”

The vulnerability impacts businesses globally, with significant numbers reported in the United States (6,592), Germany (3,784), and France (1,164), among others.

Heimdal is actively reaching out to larger businesses at the highest risk to ensure they are aware of the necessity to patch this vulnerability immediately.

For more information and to ensure your systems are protected, please contact:

Press Contact:

Madalina Popovici
Media Relations Manager

mpo@heimdalsecurity.com

About Heimdal

Founded in Copenhagen in 2014, Heimdal empowers CISOs, Security Teams, and IT admins to enhance their SecOps, reduce alert fatigue, and take proactive measures through one seamless command and control platform.

Heimdal’s award-winning cybersecurity solutions cover the entire IT estate, offering solutions for every challenge, from endpoint to network level, in vulnerability management, privileged access, Zero Trust implementation, ransomware prevention, and more.

For more information, visit: Heimdal.
