
regreSSHion (CVE-2024-6387) proved particularly dangerous, enabling unauthenticated remote code execution through a signal handler race condition in OpenSSH. The vulnerability affected countless Linux systems and network devices running vulnerable OpenSSH versions, although exploitation proved challenging because of modern memory protections.
The MOVEit vulnerability (CVE-2024-5806) showed how third-party SSH libraries can introduce unexpected attack vectors. In this case, the IPWorks SSH library treated public-key authentication data as a file path, enabling an authentication bypass.
Internet-wide scanning reveals common exposure patterns
It is bad enough that so many SSH issues have been disclosed publicly. What potentially makes it worse is how many SSH servers are exposed to the public internet.
Moore's extensive scanning of the IPv4 address space revealed important trends in SSH exposure. The research identified about 22 million addresses with port 22 open, down from 27 million in 2024. Port 22 is the default network port used for SSH. Of these 22 million, the scan was able to reach the SSH authentication phase on 15.4 million devices.
The breakdown by implementation shows a related pattern. While OpenSSH and Dropbear account for approximately 98% of SSH implementations, the remaining 2% consists of embedded devices, network equipment and special-purpose applications that often have weaknesses. These non-standard implementations frequently appear in critical infrastructure components, including industrial control systems, network equipment and file transfer solutions.
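The implementation breakdown above comes from the SSH identification strings that servers send during the version exchange. The following added example (not code from the research or from the original article) parses such banners from a constructed sample, counts implementations the way an exposure inventory would, and flags OpenSSH hosts below a minimum version; the sample banners and the default 9.8 threshold (the OpenSSH release that fixed CVE-2024-6387, a fact not stated on the page) are assumptions for illustration.

```python
import re
from collections import Counter

# Constructed sample of SSH identification strings (RFC 4253 version exchange),
# one per responding host, as a scanner would record them. Not real scan data.
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.5",
    "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10",
    "SSH-2.0-OpenSSH_9.8",
    "SSH-2.0-dropbear_2022.83",
    "SSH-2.0-dropbear_2019.78",
    "SSH-2.0-Cisco-1.25",
    "SSH-2.0-libssh_0.9.6",
    "not an ssh banner",
]

BANNER_RE = re.compile(r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>\S+)(?:\s+(?P<comment>.*))?$")

def parse_banner(line):
    """Return (protocol, implementation, version) or None for a non-SSH response."""
    m = BANNER_RE.match(line.strip())
    if not m:
        return None
    software = m.group("software")
    if software.startswith("OpenSSH_"):
        return m.group("proto"), "OpenSSH", software[len("OpenSSH_"):]
    if software.lower().startswith("dropbear_"):
        return m.group("proto"), "Dropbear", software[len("dropbear_"):]
    # The long tail: vendor, embedded and library stacks; split name from version.
    parts = re.split(r"[_-]", software, 1)
    return m.group("proto"), parts[0], (parts[1] if len(parts) > 1 else None)

def openssh_version_tuple(version):
    """'9.6p1' -> (9, 6, 1); the portable suffix defaults to 0 when absent."""
    m = re.match(r"^(\d+)\.(\d+)(?:p(\d+))?", version)
    if not m:
        return None
    major, minor, portable = m.groups()
    return (int(major), int(minor), int(portable or 0))

def summarize(banners, min_openssh=(9, 8, 0)):
    """Count implementations and list OpenSSH hosts below min_openssh (assumed threshold)."""
    counts = Counter()
    below_threshold = []
    for line in banners:
        parsed = parse_banner(line)
        if parsed is None:
            counts["unparsed"] += 1
            continue
        _, impl, ver = parsed
        counts[impl] += 1
        if impl == "OpenSSH":
            vt = openssh_version_tuple(ver or "")
            if vt is not None and vt < min_openssh:
                below_threshold.append(line)
    return counts, below_threshold
```

On the sample, `summarize(SAMPLE_BANNERS)` reports three OpenSSH, two Dropbear, two long-tail and one unparsed host, and flags the two OpenSSH hosts older than 9.8.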
Patch adoption is alarmingly low
One of the most disturbing findings relates to the rate at which security fixes are adopted.

