Hackers exploiting critical F5 BIG-IP flaw to drop backdoors

Trooper

Level 16
Thread author
Verified
Top Poster
Well-known
Aug 28, 2015
772
Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads.

F5 last week released patches for the security issue (9.8 severity rating), which affects the BIG-IP iControl REST authentication component.

The company warned that the vulnerability enables an unauthenticated attacker on the BIG-IP system to run “arbitrary system commands, create or delete files, or disable services.”

At the moment, there are thousands of BIG-IP systems exposed on the internet, so attackers can leverage the exploit remotely to breach the corporate network.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top