2 Pages

Critical Backdoor in XZ Utils - CVE-2024-3094

A critical vulnerability (CVE-2024-3094) has been identified in XZ Utils versions 5.6.0 and 5.6.1. This data compression utility is widely used in many operating systems, primarily Linux distributions. The vulnerability introduces a backdoor, potentially granting malicious actors full remote control of affected systems. Immediate action is required. XZ Utils is a command-line tool on Unix-like operating systems for file compression and decompression. It also includes a library (liblzma) that other software can use. The backdoor was discovered by a PostgreSQL developer at Microsoft. As of March 30, 2024, there's no evidence of active exploitation, but the situation is evolving.

Download now

Thank you for getting in touch!

We have received your message and would like to thank you for writing to us.

One of our colleagues will get back in touch with you soon! Have a great day!
Oops! Something went wrong while submitting the form.

Related White Papers & Advisories