
ID

VDE-2024-042

Published

2024-07-31 10:00 (CEST)

Last update

2024-07-30 14:37 (CEST)

Vendor(s)

Red Lion Europe GmbH

Product(s)

Article No°   Product Name     Affected Version(s)
              mbCONNECT24      < 2.16.1
              mbNET            8.0.0 < 8.2.0
              mbNET.rokey      8.0.0 < 8.2.0
              mymbCONNECT24    < 2.16.1

Summary

Several Red Lion Europe products are affected by a possible race condition vulnerability in OpenSSH known as "regreSSHion".


Last Update:

Aug. 30, 2024, 9:21 a.m.

Weakness

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362)

Summary

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.


Impact

Possible full system compromise where an attacker can execute arbitrary code with the highest privileges.

Solution

Mitigation

Prevent all access to the sshd daemon listening on port 22.

Remediation

Update to the latest firmware:

  • 2.16.1 for mbCONNECT24/mymbCONNECT24
  • 8.2.0 for mbNET/mbNET.rokey
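
One way to triage a device inventory against the mitigation and remediation above, as an added example that is not part of the advisory or vendor code. The inventory rows, device names and addresses are constructed, and the lower bound 8.0.0 for mbNET is read as inclusive (an assumption about the table).

```python
import socket

# Affected ranges from the advisory table: (first affected or None, first fixed).
# Assumption: the lower bound 8.0.0 is inclusive.
AFFECTED = {
    "mbCONNECT24":   (None, (2, 16, 1)),
    "mymbCONNECT24": (None, (2, 16, 1)),
    "mbNET":         ((8, 0, 0), (8, 2, 0)),
    "mbNET.rokey":   ((8, 0, 0), (8, 2, 0)),
}

def parse_version(text):
    """Turn '8.1.3' into (8, 1, 3); accept a leading 'v' and short forms like '8.1'."""
    parts = [int(p) for p in text.strip().lstrip("vV").split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(product, version):
    """True if the product/version pair falls inside the advisory's affected range."""
    if product not in AFFECTED:
        raise KeyError(f"{product!r} is not listed in the advisory")
    low, fixed = AFFECTED[product]
    v = parse_version(version)
    return (low is None or v >= low) and v < fixed

def ssh_reachable(host, port=22, timeout=3.0):
    """True if a TCP connection to the SSH port succeeds from this vantage point."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def triage(inventory, probe=ssh_reachable):
    """Classify each (name, product, version, host) row of the inventory."""
    report = {}
    for name, product, version, host in inventory:
        if not is_affected(product, version):
            report[name] = "fixed"
        elif probe(host):
            report[name] = "affected, port 22 reachable"
        else:
            report[name] = "affected, port 22 blocked from here"
    return report

# Constructed sample inventory (hypothetical names, documentation-range addresses).
SAMPLE = [
    ("line1-router", "mbNET", "8.1.0", "192.0.2.10"),
    ("line2-router", "mbNET", "8.2.0", "192.0.2.11"),
    ("portal", "mbCONNECT24", "2.15.4", "192.0.2.20"),
]
```

A "blocked" result only describes the network path from the host running the check, so run it from each segment that should not reach the device.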

Reported by

CERT@VDE coordinated with Red Lion Europe