Open SSH Remote Code Execution Vulnerability

Open SSH Remote Code Execution Vulnerability

According to the vulnerability report that has been released on 22nd of July; a now-patched flaw in OpenSSH that could be potentially exploited in order to run arbitrary commands remotely on compromised hosts under specific conditions.

According to the report, this vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent. (CVE-2023-38408)

Affected Systems

-

IoC’s

-

Recommended Solution(s)

-

Mitigations

Users of OpenSSH are advised to update to the most recent version in order to safeguard against potential cyber threats.

CVE / CWE

CVE-2023-38408

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2023-38408
• http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
• http://www.openwall.com/lists/oss-security/2023/07/20/1
• http://www.openwall.com/lists/oss-security/2023/07/20/2
• https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
• https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8
• https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d
• https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/
• https://news.ycombinator.com/item?id=36790196
• https://security.gentoo.org/glsa/202307-01
• https://www.openssh.com/security.html
• https://www.openssh.com/txt/release-9.3p2
• https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.