OpenSSH contains a remote code execution (RCE) vulnerability, exploitable by an unauthenticated attacker through a race condition. Successful exploitation can allow for the remote execution of arbitrary code.
Note: This flaw has been demonstrated to be exploitable remotely on glibc-based Linux systems. Other libc or operating systems were not examined, however, the vendor has indicated in the 9.8 release notes that “exploitation on non-glibc systems is conceivable”.
AI Score
Confidence
EPSS
Percentile
73.8%