Saturday, May 21, 2022
HomeCyber SecurityResearchers Develop RCE Exploit for the Newest F5 BIG-IP Vulnerability

Researchers Develop RCE Exploit for the Newest F5 BIG-IP Vulnerability


Days after F5 launched patches for a important distant code execution vulnerability affecting its BIG-IP household of merchandise, safety researchers are warning that they have been capable of create an exploit for the shortcoming.

Tracked CVE-2022-1388 (CVSS rating: 9.8), the flaw pertains to an iControl REST authentication bypass that, if efficiently exploited, might result in distant code execution, permitting an attacker to achieve preliminary entry and take management of an affected system.

This might vary wherever from deploying cryptocurrency miners to dropping net shells for follow-on assaults, resembling info theft and ransomware.

“We’ve reproduced the recent CVE-2022-1388 in F5’s BIG-IP,” cybersecurity firm Constructive Applied sciences mentioned in a tweet on Friday. “Patch ASAP!”

The important safety vulnerability impacts the next variations of BIG-IP merchandise –

  • 16.1.0 – 16.1.2
  • 15.1.0 – 15.1.5
  • 14.1.0 – 14.1.4
  • 13.1.0 – 13.1.4
  • 12.1.0 – 12.1.6
  • 11.6.1 – 11.6.5

Fixes can be found in variations 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5. Firmware variations 11.x and 12.x won’t obtain safety updates and customers counting on these variations ought to take into account upgrading to a more recent model or apply the workarounds –

  • Block iControl REST entry by the self IP tackle
  • Block iControl REST entry by the administration interface, and
  • Modify the BIG-IP httpd configuration

Final month, cybersecurity authorities from Australia, Canada, New Zealand, the U.Okay., and the U.S. collectively warned that risk actors are aggressively concentrating on “newly disclosed important software program vulnerabilities in opposition to broad goal units, together with private and non-private sector organizations worldwide.”

With the F5 BIG-IP flaw discovered trivial to use, malicious hacking crews are anticipated to observe swimsuit, making it crucial that affected organizations transfer shortly to use the patches.

Replace: Safety researcher Kevin Beaumont has warned of lively exploitation makes an attempt detected within the wild, whereas concurrently alerting the provision of a public proof-of-concept (PoC) for the code execution flaw.



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments