Initiativen für
Als nationale Behörde für Cybersicherheit hat das ZCB mehrere Initiativen für bestimmte Zielgruppen entwickelt, die hier vorgestellt werden.
Warning: Critical Authentication Bypass in GNU INETUTILS TELNETD! Patch Immediately!
Image
Veröffentlicht : 21/01/2026
* Last update: 21/01/2026
* Affected products:
→ GNU Inetutils telnetd* Type: Authentication Bypass
* CVE/CVSS:
- CVE-2026-24061: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Sources
Openwall - https://www.openwall.com/lists/oss-security/2026/01/20/2
Openwall - https://www.openwall.com/lists/oss-security/2026/01/20/8
GNU - https://www.gnu.org/software/inetutils/
Risks
An unauthenticated attacker can exploit this vulnerability to bypass authentication and gain remote access to systems running vulnerable telnetd services. Successful exploitation could result in unauthorized root-level access, allowing attackers to read sensitive data, modify system configurations, execute arbitrary commands, and compromise system availability impacting all vertices of the CIA triad.
Description
GNU Inetutils Telnetd allows remote authentication bypass via a "-f root" value for the USER environment variable. This is a simple argument injection vulnerability that enables attackers to bypass authentication controls.
Recommended Actions
Disable Telnet
The Centre for Cybersecurity Belgium strongly recommends disabling telnet services unless no other option is available. If there is no other option, the Centre for Cybersecurity Belgium recommends to not expose these devices to the internet and use a strict firewall access policy and VPN or ZNTA to access these devices.
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing. Patch availability will depend on your operating system.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via https://ccb.belgium.be/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.