Hackers exploiting critical F5 BIG-IP flaw to drop backdoors
Security News, May 2022
Threat actors have begun exploiting at scale the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads on compromised appliances.
F5 last week released patches for the security issue, which affects the BIG-IP iControl REST authentication component.
The company warned that the vulnerability enables an unauthenticated attacker on the BIG-IP system to run "Arbitrary system commands, create or delete files, or disable services."
At the moment, thousands of BIG-IP systems expose their management interface, or a self IP address serving iControl REST, to the internet. An attacker who can reach the iControl REST service on one of them can run commands on it remotely and use the appliance as a foothold into the corporate network.
Yesterday, multiple security researchers announced that they had created working exploits and warned administrators to install the latest updates immediately.
The vulnerability is easy to exploit: the request that bypasses authentication only has to be aimed at iControl REST's /mgmt/tm/util/bash endpoint, which exists to run shell commands ('bash' being the Linux shell), so the authentication bypass turns directly into unauthenticated command execution. That simplicity, and the fact that the target endpoint is literally named 'bash', has led some security researchers to speculate that the flaw did not end up in the products by accident.
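The article does not describe how the bypass looks on the wire. The script below is an added example, not code from the article or from F5: it parses raw HTTP requests destined for iControl REST and classifies them using the shell-command endpoint named above plus one indicator that comes from the public advisories and detection rules published after disclosure, not from this article: a Connection header that lists X-F5-Auth-Token, which causes the front-end proxy to strip the token as a hop-by-hop header before the authentication check runs. The management network range (MANAGEMENT_NETS) and the three sample requests are constructed for the example.

```python
"""Classify HTTP requests to F5 iControl REST for CVE-2022-1388 indicators.

Added example for this article; not F5 code. Sample requests and the management
network below are constructed, and the Connection/X-F5-Auth-Token indicator is
taken from public advisories and detection rules, not from the article itself.
"""
import ipaddress
from typing import Dict, List, Set, Tuple

# Assumed management network for the example; substitute your own ranges.
MANAGEMENT_NETS = [ipaddress.ip_network("10.0.0.0/24")]
# Real iControl REST endpoint that runs shell commands (the endpoint named 'bash').
SHELL_ENDPOINT = "/mgmt/tm/util/bash"
TOKEN_HEADER = "x-f5-auth-token"


def parse_request(raw: str) -> Tuple[str, str, Dict[str, str]]:
    """Split a raw HTTP/1.1 request into (method, path, lower-cased header map)."""
    head, _, _body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, path, _version = request_line.split(" ", 2)
    headers: Dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers


def connection_tokens(headers: Dict[str, str]) -> Set[str]:
    """Header names the client asked to treat as hop-by-hop (comma-separated)."""
    raw = headers.get("connection", "")
    return {tok.strip().lower() for tok in raw.split(",") if tok.strip()}


def indicators(raw: str, source_ip: str) -> List[str]:
    """Return the indicators present in one request from the given source IP."""
    _method, path, headers = parse_request(raw)
    found: List[str] = []
    if path.split("?", 1)[0].lower().startswith(SHELL_ENDPOINT):
        found.append("shell-endpoint")
    if TOKEN_HEADER in connection_tokens(headers):
        # Listing the auth token header in Connection makes the proxy drop it
        # before the authentication check sees it: the published bypass pattern.
        found.append("auth-token-in-connection")
    src = ipaddress.ip_address(source_ip)
    if path.startswith("/mgmt/") and not any(src in net for net in MANAGEMENT_NETS):
        # iControl REST should never be reachable from outside management networks.
        found.append("icontrol-from-outside")
    return found


def classify(raw: str, source_ip: str) -> str:
    """'exploit-attempt', 'suspicious' or 'ok' for one request."""
    found = indicators(raw, source_ip)
    if "auth-token-in-connection" in found:
        return "exploit-attempt"
    if "icontrol-from-outside" in found:
        return "suspicious"
    return "ok"


# Constructed sample traffic (not captured data).
ATTACK = (
    "POST /mgmt/tm/util/bash HTTP/1.1\r\n"
    "Host: localhost\r\n"
    "Authorization: Basic QUJD\r\n"
    "Connection: keep-alive, X-F5-Auth-Token\r\n"
    "X-F5-Auth-Token: anything\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"command": "run", "utilCmdArgs": "-c id"}'
)
ADMIN = (
    "POST /mgmt/tm/util/bash HTTP/1.1\r\n"
    "Host: bigip-mgmt.example.internal\r\n"
    "X-F5-Auth-Token: 7K3EXAMPLETOKEN\r\n"
    "Connection: keep-alive\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"command": "run", "utilCmdArgs": "-c \'tmsh show sys version\'"}'
)
EXTERNAL_LIST = (
    "GET /mgmt/tm/ltm/virtual HTTP/1.1\r\n"
    "Host: 198.51.100.20\r\n"
    "Authorization: Basic QUJD\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for label, req, ip in (("attack", ATTACK, "203.0.113.7"),
                           ("admin", ADMIN, "10.0.0.5"),
                           ("external", EXTERNAL_LIST, "198.51.100.2")):
        print(f"{label:9s} {ip:14s} {classify(req, ip):16s} {indicators(req, ip)}")
```

A request that uses the bash endpoint from inside the management network is reported as "ok" here because administrators do use it legitimately; in practice every hit on that endpoint is still worth logging, since a compromised appliance will be driven through it after the bypass as well.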
Related vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK (CVSS v3 base score)
---|---|---|---
2022-05-05 | CVE-2022-1388 | Missing Authentication for Critical Function in F5 products. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions (end of technical support, no fix available), undisclosed requests may bypass iControl REST authentication. | 9.8