Researchers create an RCE exploit for the latest F5 BIG-IP flaw

0

Researchers create an RCE exploit for the latest F5 BIG-IP flaw , Security experts have warned that they have been able to construct an exploit for F5’s BIG-IP family of devices’ serious remote code execution vulnerability.

The weakness, which has been assigned the number CVE-2022-1388 (CVSS: 9.8), is related to an iControl REST authentication bypass that, if properly exploited, might lead to remote code execution, allowing an attacker to obtain initial access and take control of an affected system.

This might include anything from deploying cryptocurrency miners to dropping web shells for further attacks like data theft and ransomware.

Positive Technologies, a cybersecurity organization, tweeted on Friday, “We have replicated the fresh CVE-2022-1388 in F5’s BIG-IP.” “As soon as possible, patch!”

BIG-IP products versions 16.1.0 – 16.1.2 15.1.0 – 15.1.5 14.1.0 – 14.1.4 are all affected by the critical security issue.
13.1 through 13.4
11.6.1 – 11.6.5
Versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 have been updated with fixes.

Users reliant on firmware versions 11.x and 12.x should consider upgrading to a newer version or using the workarounds –

Through the own IP address, block iControl REST access.

Modify the BIG-IP HTTPs setup and disable iControl REST access through the management interface.

Threat actors are aggressively targeting “newly disclosed critical software vulnerabilities against broad target sets, including public and private sector organizations worldwide,” cybersecurity authorities from Australia, Canada, New Zealand, the United Kingdom, and the United States warned last month.

Malicious hacking groups are expected to follow suit now that the F5 BIG-IP weakness has been discovered to be straightforward to attack, making it critical for impacted firms to implement the updates as soon as possible.

Update: Security researcher Kevin Beaumont has issued a public warning about current exploitation efforts discovered in the wild, as well as a public proof-of-concept (PoC) for the code execution weakness.

Have you enjoyed reading this article? To read more exclusive material from THN, follow us on Facebook. Researchers create an RCE exploit for the latest F5 BIG-IP flaw .

اترك رد

لن يتم نشر عنوان بريدك الإلكتروني.