all InfoSec news
XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094)
Security Boulevard securityboulevard.com
Vulnerability Overview Recently, NSFOCUS CERT detected that the security community disclosed a supply chain backdoor vulnerability in XZ-Utils (CVE-2024-3094), with a CVSS score of 10. Since the underlying layer of SSH relies on liblzma, when certain conditions are met, an attacker can use this vulnerability to bypass SSH authentication and gain unauthorized access on the […]
The post XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises …
advisory attacker authentication backdoor blog bypass can cert community conditions cve cve-2024 cve-2024-3094 cvss cvss score ddos mitigation nsfocus score security security community ssh supply supply chain unauthorized vulnerability xz utils