Hackers actively exploit high-severity networking vulnerabilities

by Dan Goodin, from Ars Technica

Hackers are actively exploiting two unrelated high-severity vulnerabilities that allow unauthenticated access or even a complete takeover of networks run by Fortune 500 companies and government organizations.

The most serious exploits are targeting a critical vulnerability in F5's Big-IP advanced delivery controller, a device that's typically placed between a perimeter firewall and a Web application to handle load balancing and other tasks. The vulnerability, which F5 patched three weeks ago, allows unauthenticated attackers to remotely run commands or code of their choice. Attackers can then use their control of the device to hijack the internal network it's connected to.

Prescient

The presence of a remote code execution flaw in a device located in such a sensitive part of a network gave the vulnerability a maximum severity rating of 10. Immediately after F5 released a patch on June 30, security practitioners predicted that the flaw, which is tracked as CVE-2020-5902, would be exploited against any vulnerable networks that didn't quickly install the update. On Friday, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory that proved those warnings prescient.
