Security News > 2022 > November > High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices
2022-11-17 06:58

Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, to completely compromise affected systems.

Cybersecurity firm Rapid7 said the flaws could be abused to remote access to the devices and defeat security constraints.

"By successfully exploiting the worst of the vulnerabilities, an attacker could gain persistent root access to the device's management interface," Rapid7 researcher Ron Bowes said.

It's worth noting that such an exploit requires an administrator with an active session to visit a hostile website.

Also identified were three different instances of security bypass, which F5 said cannot be exploited without first breaking existing security barriers through a previously undocumented mechanism.

While F5 has made no mention of any of the vulnerabilities being exploited in attacks, it's recommended that users apply the necessary patches to mitigate potential risks.


News URL

https://thehackernews.com/2022/11/high-severity-vulnerabilities-reported.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
F5 141 6 267 399 64 736