
The Cyber Security News


F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

May 5, 2022

The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10.

Application services company F5 is warning that a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems.

The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and security solutions.


The vulnerability is tracked as CVE-2022-1388 with a severity rating of 9.8 out of 10 by the Common Vulnerability Scoring System (CVSS) version 3.90.

According to F5, the flaw resides in the representational state transfer (REST) interface for the iControl framework, which is used to communicate between the F5 devices and users.

Threat actors can send undisclosed requests and leverage the flaw to bypass the iControl REST authentication and access the F5 BIG-IP systems. An attacker can then execute arbitrary commands, create or delete files or disable servers.

“This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services,” said F5 in an advisory. “There is no data plane exposure; this is a control plane issue only,” they added.

A self IP address is an IP address on a BIG-IP system that a customer uses to associate with a VLAN.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert and advised users to apply the necessary updates.

Impacted Versions

The vulnerability affects the following BIG-IP product versions:

  • 1. to 16.1.2
  • 1. to 15.1.5
  • 1. to 14.1.4
  • 1. to 13.1.4
  • 1. to 12.1.6
  • 11.6.1 to 11.6.5

F5 will not introduce fixes for versions 11.x (11.6.1 – 11.6.5) and 12.x (12.1. – 12.1.6).

F5 has released patches in versions v17.., v16.1.2.2, v15.1.5.1, v14.1.4.6, and v13.1.5.

The F5 advisory clarifies that CVE-2022-1388 has no effect on other F5 products: BIG-IQ Centralized Management, F5OS-A, F5OS-C, or Traffix SDC.

F5 affected products and fixed versions (Source: F5)

Because BIG-IP products are widely integrated into enterprises, there is a significant risk of widespread attack.

Security researcher Nate Warfield reported in a tweet that nearly 16,000 BIG-IP devices are exposed to the internet. A query shared by Warfield shows the exposed devices on Shodan.

Most of the exposed BIG-IP devices are located in the USA, China, India, and Australia. These systems are allocated to Microsoft Corporation, Google LLC, DigitalOcean, and Linode.

Mitigations

F5 has recommended three “temporary mitigation” measures for those who cannot deploy security patches immediately.

According to F5, “You can block all access to the iControl REST interface of your BIG-IP system through self IP addresses”. This can be done by changing the Port Lockdown settings to Allow None for each self IP address in the system.

Another mitigation method is to restrict iControl REST access through the management interface or modify the BIG-IP httpd configuration.
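
The self IP mitigation can be audited offline. The following is an added example, not code from F5 or the original article: it parses output in the style of `tmsh list net self all-properties`, reports each self IP's Port Lockdown setting, and builds the `tmsh modify` commands that set Allow None. The self IP names, addresses and the trimmed output layout are constructed assumptions.

```python
import re

# Constructed sample in the style of `tmsh list net self all-properties`
# (names and addresses are made up; trimmed to the relevant attributes).
SAMPLE = """\
net self external_self {
    address 203.0.113.10/24
    allow-service {
        default
    }
    vlan external
}
net self internal_self {
    address 10.1.20.1/24
    allow-service none
    vlan internal
}
net self dmz_self {
    address 192.0.2.5/24
    allow-service {
        tcp:443
        tcp:22
    }
    vlan dmz
}
"""

# One `net self <name> { ... }` stanza; the closing brace sits in column 0.
BLOCK = re.compile(r"^net self (\S+) \{\n(.*?)^\}", re.M | re.S)
# allow-service is either a braced list or a single keyword (none / all).
ALLOW = re.compile(r"^\s*allow-service\s+(?:\{(.*?)\}|(\S+))", re.M | re.S)

def port_lockdown(config):
    """Map each self IP name to its allowed services (['none'] = locked down)."""
    result = {}
    for name, body in BLOCK.findall(config):
        m = ALLOW.search(body)
        if m is None:
            result[name] = ["unknown"]      # attribute missing: review by hand
        elif m.group(2):
            result[name] = [m.group(2)]     # single keyword
        else:
            result[name] = m.group(1).split()
    return result

def remediation(config):
    """tmsh commands that set Allow None on every self IP not already locked down."""
    return [f"tmsh modify net self {name} allow-service none"
            for name, svc in port_lockdown(config).items() if svc != ["none"]]

if __name__ == "__main__":
    for name, svc in port_lockdown(SAMPLE).items():
        print(f"{name:15} {'OK' if svc == ['none'] else 'EXPOSED'}  {' '.join(svc)}")
    print("\n".join(remediation(SAMPLE)))
```

A self IP whose stanza has no `allow-service` line is reported as `unknown` and included in the remediation list, so it is reviewed rather than silently assumed safe.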

Moreover, F5 has also released a more general advisory to address an additional set of 17 high-severity vulnerabilities discovered and fixed in BIG-IP.

In July 2020, a critical RCE bug left thousands of F5 BIG-IP users’ accounts vulnerable to an attacker.

 


Some parts of this article are sourced from:
threatpost.com
