Security News > 2020 > July > Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit
Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks' BIG-IP multi-purpose networking devices, to install coin-miners, IoT malware, or to scrape administrator credentials from the hacked devices.
CVE-2020-5902 is a critical remote code execution vulnerability in the configuration interface of BIG-IP devices used by some of the world's biggest companies.
Both the company and the U.S. Cyber Command urged admins on Friday to check whether their F5 BIG-IP web interfaces were exposed on the internet and to implement the offered patches before the weekend starts.
According to F5 Networks, BIG-IP networking devices are used as server load balancers, application delivery controllers, access gateways, etc.
Attackers are bypassing one of the mitigations originally provided by F5 Networks, so any organization that applied it instead of patching their F5 BIG-IP boxes should take action again and check whether their devices have been compromised in the meantime.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/iOMRjw5jTpY/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-01 | CVE-2020-5902 | Path Traversal vulnerability in F5 products In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. | 9.8 |