Assessing the vulnerabilities and impacts of open SSH ports on Centos 9 virtual machines hosted on MAC ARM computers CVE-2023-25136.pdf

In today’s world where the technology is growing so fast and rapidly, there is a need ofcybersecurity professionals in every field. The more data you have the more crucial it is to makeit secure, in this research paper we dive into the vulnerability of SSH (Secure Shell Protocol) inCentOS 9 Stream which is by default open when installed on Parallels Desktop in Apple Mac AirM1 (Silicon chip & Intel), as on research we get to know that the companies like HCLTechnologies, Wipro, Fujitsu and so many others are using Parallels Desktop now days for runningVirtual Operating Systems, on testing different Virtual Operating system and finding basicvulnerabilities we came across an operating system which was behaving differently when installedon Windows Virtual Box and when installed on Parallels Desktop on Mac Air M1, on furthertesting we were able to find that on Windows Virtual Box the RHEL based Linux operating systemCentOS when was installed was having SSH (Secure Shell) port closed but when installed onParallels Desktop on Mac, the port was opened by default and was easily accessible with anothermachine by SSH command (Secure Shell). The research is based on understanding the ARM basedoperating system and why these operating system doesn’t allow many Linux based operatingsystem to get installed on mac. As mentioned, that big companies are using Parallels Desktop nowa days, we understand and studied how ARM architecture works as for a beginner and would alsodiscuss how the configuration file when downloaded on Parallels Desktop misconfigured bydefault as compared to when installed on Windows Virtual Box. In this paper we will discuss aboutthe CVE-2023-25136 which was being public in February 2023 as well.