Skip to main content

Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating

posted onMay 9, 2022
by l33tdawg
Arstechnica
Credit: Arstechnica

Researchers are marveling at the scope and magnitude of a vulnerability that hackers are actively exploiting to take full control of network devices that run on some of the world's biggest and most sensitive networks.

The vulnerability, which carries a 9.8 severity rating out of a possible 10, affects F5’s BIG-IP, a line of appliances that organizations use as load balancers, firewalls, and for inspection and encryption of data passing into and out of networks. There are more than 16,000 instances of the gear discoverable online, and F5 says it’s used by 48 of the Fortune 50. Given BIG-IP's proximity to network edges and their functions as devices that manage traffic for web servers, they often are in a position to see decrypted contents of HTTPS-protected traffic.

Last week, F5 disclosed and patched a BIG-IP vulnerability that hackers can exploit to execute commands that run with root system privileges. The threat stems from a faulty authentication implementation of the iControl REST, a set of web-based programming interfaces for configuring and managing BIG-IP devices. “This issue allows attackers with access to the management interface to basically pretend to be an administrator due to a flaw in how the authentication is implemented,” Aaron Portnoy, the director of research and development at security firm Randori, said in a direct message. “Once you are an admin, you can interact with all the endpoints the application provides, including execute code.”

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th