Unauthorized Channel Creation in libssh Server-Side State Machine by Malicious Client
CVE-2018-10933

9.1CRITICAL

Key Information:

Vendor

[unknown]

Status
Libssh
Vendor
CVE Published:
17 October 2018

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 78%

What is CVE-2018-10933?

A vulnerability in the server-side state machine of libssh permits a malicious client to create communication channels without prior authentication. This flaw can lead to unauthorized access, posing risks to the confidentiality and integrity of data transmitted through the affected software. Users and administrators are urged to update to versions 0.7.6 or 0.8.4 and above to mitigate this security risk.

Affected Version(s)

libssh 0.7.6

libssh 0.8.4

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2018-10933
Created by blacknbunny

libssh-scanner
Created by gojhonny

CVE-2018-10933
Created by SoledaD208

References

https://usn.ubuntu.com/3795-1/
vendor-advisoryx_refsource_UBUNTU
https://www.oracle.com/technetwork/security-advisory/cpuj...
x_refsource_CONFIRM
https://usn.ubuntu.com/3795-2/
vendor-advisoryx_refsource_UBUNTU

EPSS Score

78% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-10933 : Unauthorized Channel Creation in libssh Server-Side State Machine by Malicious Client