In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip access policy manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip advanced web application firewall |
||
f5 big-ip analytics |
||
f5 big-ip application acceleration manager |
||
f5 big-ip application security manager |
||
f5 big-ip ddos hybrid defender |
||
f5 big-ip domain name system |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |
||
f5 big-ip policy enforcement manager |
||
f5 ssl orchestrator |
Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to master techniques and develop malware already familiar to us from the last reporting period. For example, another DDoS botnet joined in the assault on Docker environments. The perpetrators infiltrated the target server, created an infected container, and placed in it the Kaiten bot (also known as Tsunami), paired with a cryptominer. The Lucifer botnet, which first appeared ...
Please just patch your infrastructure, begs US-CISA What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds
Where Chinese hackers exploit, Iranians aren’t far behind. So says the US Cybersecurity and Infrastructure Security Agency, which is warning that malicious persons from Iran are exploiting a slew of vulns in VPN products from Citrix, F5 Networks and Pulse Secure. The warning mirrors one issued earlier this week for exactly the same vendors, except with China as the malevolent party instead of Iran. “CISA and FBI are aware of a widespread campaign from an Iran-based malicious cyber actor targ...
Beijing's snoops don't even need zero-days to break into valuable networks
The US government says the Chinese government's hackers are preying on a host of high-profile security holes in enterprise IT equipment to infiltrate Uncle Sam's agencies and American businesses. Yes, this sounds like something from the Department of the Bleeding Obvious – spies do spying on all sides, and all that – but what's interesting in this latest warning is the roll call of vulnerable products being targeted. In a joint statement, the FBI and Homeland Security's Cybersecurity and Inf...
Getting to be a real PAN in the OS US govt warns foreign hackers 'will likely try to exploit' critical firewall bypass bug in Palo Alto gear – patch now
Palo Alto Networks has emitted its second software update in as many weeks to address a potentially serious security vulnerability in its products. The vendor on Wednesday issued an advisory for CVE-2020-2034, a remote code execution flaw in its PAN-OS GlobalProtect portal, which can be exploited by a remote unauthenticated miscreant to execute arbitrary commands on the gateway as a superuser: No in-the-wild attacks have been reported... yet. Palo Alto confirmed to The Register that GlobalProtec...
Plus: What? No. No way. People would just do that? Go on Tor and use it to commit crimes?
In Brief Exploit code for a nasty vulnerability in F5 Networks' BIG-IP application delivery controllers is now doing the rounds, so make sure you're all patched up. Miscreants are scanning the internet for machines to attack, judging from reports by infosec bods running honeypots. Any vulnerable kit facing the 'net is likely to be probed at some point this week, if not already, to see if it can be hijacked. The flaw in question, CVE-2020-5902, lies within the controllers' Traffic Management User...
Not to worry, there are only *searches* several thousand devices apparently exposed online Hold off that rush into the July 4 weekend – you may need this: Microsoft patches pwn-by-picture pitfalls in Win 10
Network administrators are urged to patch their F5 BIG-IP application delivery controllers following the disclosure of a pair of critical remote takeover bugs. The flaws in question, CVE-2020-5902 and CVE-2020-5903, lie within in a configuration tool known as the Traffic Management User Interface. Successful exploitation results in full admin control over the device. In the case of CVE-2020-5902, the hole puts the equipment at risk of arbitrary code execution, while CVE-2020-5903 is a JavaScript...