National Cyber Warfare Foundation (NCWF)

XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094)
0 user ratings		2024-04-07 12:09:18
milo
Blue Team (CND)
 - archive -- 

Vulnerability Overview Recently, NSFOCUS CERT detected that the security community disclosed a supply chain backdoor vulnerability in XZ-Utils (CVE-2024-3094), with a CVSS score of 10. Since the underlying layer of SSH relies on liblzma, when certain conditions are met, an attacker can use this vulnerability to bypass SSH authentication and gain unauthorized access on the […]


The post XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..


The post XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094) appeared first on Security Boulevard.



NSFOCUS

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/04/xz-utils-supply-chain-backdoor-vulnerability-updated-advisory-cve-2024-3094/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.