Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.XZ_UTILS_BACKDOOR_CVE-2024-3094.NBINHistoryMar 29, 2024 - 12:00 a.m.
Potential exposure to XZ Utils SSH Backdoor (CVE-2024-3094)
2024-03-2900:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
xz utils
ssh backdoor
cve-2024-3094
binary data
scanner
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.144
Percentile
95.8%
The XZ Utils installed on the remote host is affected by a backdoor ssh vulnerability.
Binary data xz_utils_backdoor_cve-2024-3094.nbinRelated
osv
osv
CGA-xp9g-w4gq-2v78
2024-06-06 12:30:02
CGA-3r9w-5x9c-pwr7
2024-06-06 12:22:07
liblzma5-32bit-5.6.2-1.1 on GA media
2024-06-15 00:00:00
thn
thn
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
2024-04-02 13:18:00
vulnrichment
vulnrichment
CVE-2024-3094 Xz: malicious code in distributed source
2024-03-29 16:51:12
wizblog
wizblog
Backdoor in XZ Utils allows RCE: everything you need to know
2024-03-29 22:02:58
githubexploit
githubexploit
Exploit for Embedded Malicious Code in Tukaani Xz
2024-03-31 10:46:33
Exploit for Embedded Malicious Code in Tukaani Xz
2024-04-01 09:06:25
Exploit for Embedded Malicious Code in Tukaani Xz
2024-03-30 16:25:50
ubuntucve
ubuntucve
CVE-2024-3094
2024-03-29 00:00:00
archlinux
archlinux
[ASA-202403-1] xz: arbitrary code execution
2024-03-29 00:00:00
rapid7blog
rapid7blog
Backdoored XZ Utils (CVE-2024-3094)
2024-04-01 17:13:05
redhatcve
redhatcve
CVE-2024-3094
2024-03-29 16:50:47
securelist
securelist
XZ backdoor story β Initial analysis
2024-04-12 08:00:34
APT trends report Q2 2024
2024-08-13 12:00:28
IT threat evolution Q2 2024
2024-09-03 08:00:08
debiancve
debiancve
CVE-2024-3094
2024-03-29 17:15:21
rosalinux
rosalinux
Advisory ROSA-SA-2024-2409
2024-04-23 12:23:07
Advisory ROSA-SA-2024-2407
2024-04-23 12:16:56
Advisory ROSA-SA-2024-2408
2024-04-23 12:20:30
f5
f5
K000139141 : liblzma vulnerability CVE-2024-3094
2024-04-01 00:00:00
cvelist
cvelist
CVE-2024-3094 Xz: malicious code in distributed source
2024-03-29 16:51:12
alpinelinux
alpinelinux
CVE-2024-3094
2024-03-29 17:15:21
paloalto
paloalto
cve
cve
CVE-2024-3094
2024-03-29 17:15:21
attackerkb
attackerkb
CVE-2024-3094
2024-03-29 00:00:00
talosblog
talosblog
arista
arista
Security Advisory 0095
2024-04-03 00:00:00
nessus
nessus
XZ Utils 5.6.0 / 5.6.1 Liblzma Backdoor Check
2024-04-01 00:00:00
GLSA-202403-04 : XZ utils: Backdoor in release tarballs
2024-04-01 00:00:00
veracode
veracode
Injected Malicious Code
2024-04-01 21:18:10
gentoo
gentoo
XZ utils: Backdoor in release tarballs
2024-03-29 00:00:00
debian
debian
[SECURITY] [DSA 5649-1] xz-utils security update
2024-03-29 16:10:02
qualysblog
qualysblog
XZ Utils SSHd Backdoor
2024-03-30 04:06:05
openvas
openvas
Tukaani Project XZ Utils Backdoor (Feb/Mar 2024)
2024-04-02 00:00:00
hackread
hackread
Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
2024-04-01 23:17:59
nvd
nvd
CVE-2024-3094
2024-03-29 17:15:21
trellix
trellix
The Bug Report - April 2024 Edition
2024-04-29 00:00:00
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.144
Percentile
95.8%
Related for XZ_UTILS_BACKDOOR_CVE-2024-3094.NBIN