A high-severity vulnerability allows low-privileged users to extract sensitive SSH credentials, facilitating lateral movement and unauthorized system access.

This vulnerability allows an authenticated, low-privileged user to access and extract saved SSH credentials that should be securely isolated. The flaw typically involves improper file permissions, insecure storage of secrets, or memory leakage within the application's local environment.

The extraction of SSH credentials poses a severe risk of lateral movement across the network. An attacker with local access can elevate their influence by accessing remote servers using the stolen credentials, leading to widespread data compromise and system control. The CVSS score of 7.7 underscores the high impact on confidentiality and the potential for cascading security failures.

Immediate Action: Apply the vendor-provided security patch immediately to secure the credential storage mechanism.

Proactive Monitoring: Monitor for unusual SSH login activity originating from users who should not have access to those credentials and review local system access logs.

Compensating Controls: Implement the principle of least privilege, ensuring that low-privileged users cannot access directories where sensitive configuration files or credential stores are located.

Public Exploit Available: false

This vulnerability is a significant risk for environments with multi-user access. We recommend an immediate update to the affected software to prevent credential theft. Furthermore, organizations should rotate any SSH keys or passwords that may have been stored within the vulnerable software versions to ensure continued environment integrity.