Mitigation Method<\/strong><\/h2>\n\n\n\nAs of this writing, no official announcement or security update has been released for this backdoor vulnerability. Users can downgrade xz-utils to a version earlier than 5.6.0 or replace it with components such as 7zip in the application.<\/p>\n\n\n\n
Statement<\/h2>\n\n\n\n
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n
About NSFOCUS<\/h2>\n\n\n\n
NSFOCUS, a pioneering leader in cybersecurity, is dedicated to safeguarding telecommunications, Internet service providers, hosting providers, and enterprises from sophisticated cyberattacks.<\/p>\n\n\n\n
Founded in 2000, NSFOCUS operates globally with over 4000 employees at two headquarters in Beijing, China, and Santa Clara, CA, USA, and over 50 offices worldwide. It has a proven track record of protecting over 25% of the Fortune Global 500 companies, including four of the five largest banks and six of the world’s top ten telecommunications companies.<\/p>\n\n\n\n
Leveraging technical prowess and innovation, NSFOCUS delivers a comprehensive suite of security solutions, including the Intelligent Security Operations Platform (ISOP) for modern SOC, DDoS Protection, Continuous Threat Exposure Management (CTEM) Service and Web Application and API Protection (WAAP). All the solutions and services are augmented by the Security Large Language Model (SecLLM), ML, patented algorithms and other cutting-edge research achievements developed by NSFOCUS.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"
Overview NSFOCUS CERT recently detected that a backdoor vulnerability in XZ Utils (CVE-2024-3094) was disclosed from the security community, with a CVSS score of 10. Because the SSH underlying layer relies on liblzma, an attacker could exploit this vulnerability to bypass SSH authentication and gain unauthorized access to affected systems, allowing arbitrary code execution. After […]<\/p>\n","protected":false},"author":1,"featured_media":28664,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[3,6],"tags":[310,724],"class_list":["post-28659","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-emergency-response","tag-cve-2024-3094-2","tag-vulnerability"],"acf":[],"yoast_head":"\n
XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS<\/title>\n<meta name=\"description\" content=\"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-01T00:49:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png\" \/>\n<meta name=\"author\" content=\"NSFOCUS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"NSFOCUS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/\"},\"author\":{\"name\":\"NSFOCUS\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory\",\"datePublished\":\"2024-04-01T00:49:28+00:00\",\"dateModified\":\"2026-04-17T18:07:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/\"},\"wordCount\":633,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/Critical.png\",\"keywords\":[\"CVE-2024-3094\",\"Vulnerability\"],\"articleSection\":[\"Blog\",\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/\",\"name\":\"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/Critical.png\",\"datePublished\":\"2024-04-01T00:49:28+00:00\",\"dateModified\":\"2026-04-17T18:07:38+00:00\",\"description\":\"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/Critical.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/Critical.png\",\"width\":169,\"height\":107,\"caption\":\"Critical alert icon with shield symbol.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"NSFOCUS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"NSFOCUS\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS","description":"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/","og_locale":"pt_BR","og_type":"article","og_title":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS","og_description":"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.","og_url":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/","og_site_name":"NSFOCUS","article_published_time":"2024-04-01T00:49:28+00:00","article_modified_time":"2026-04-17T18:07:38+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","type":"","width":"","height":""}],"author":"NSFOCUS","twitter_card":"summary_large_image","twitter_title":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS","twitter_description":"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","twitter_misc":{"Escrito por":"NSFOCUS","Est. tempo de leitura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/"},"author":{"name":"NSFOCUS","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory","datePublished":"2024-04-01T00:49:28+00:00","dateModified":"2026-04-17T18:07:38+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/"},"wordCount":633,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","keywords":["CVE-2024-3094","Vulnerability"],"articleSection":["Blog","Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/","url":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/","name":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","datePublished":"2024-04-01T00:49:28+00:00","dateModified":"2026-04-17T18:07:38+00:00","description":"Risk level 10: Critical Backdoor CVE-2024-3094 Found in XZ Utils.","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Critical.png","width":169,"height":107,"caption":"Critical alert icon with shield symbol."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/xz-utils-backdoor-vulnerability-cve-2024-3094-advisory\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/#website","url":"https:\/\/nsfocusglobal.com\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"NSFOCUS","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"NSFOCUS"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/28659","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=28659"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/28659\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/28664"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=28659"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=28659"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=28659"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"Red](\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/Score-10-vuln.png\")
<\/a><\/figure>\n<\/div>\n\n\n![\"Red](\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/04\/17.png\")
<\/a><\/figure>\n<\/div>\n\n\n