Andy Greenberg writes via Wired: Late last week, government agencies, including the United States Computer Emergency Readiness Team and Cyber Command, sounded the alarm about a particularly nasty vulnerability in a line of BIG-IP products sold by F5. The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the networking equipment, offering access to all the traffic they touch and a foothold for deeper exploitation of any corporate network that uses them. Now some security companies say they're already seeing the F5 vulnerability being exploited in the wildâ"and they caution that any organization that didn't patch its F5 equipment over the weekend is already too late. The F5 vulnerability, first discovered and disclosed to F5 by cybersecurity firm Positive Technologies, affects a series of so-called BIG-IP devices that act as load balancers within large enterprise networks, distributing traffic to different servers that host applications or websites. Positive Technologies found a so-called directory traversal bug in the web-based management interface for those BIG-IP devices, allowing anyone who can connect to them to access information they're not intended to. That vulnerability was exacerbated by another bug that allows an attacker to run a "shell" on the devices that essentially lets a hacker run any code on them that they choose. The result is that anyone who can find an internet-exposed, unpatched BIG-IP device can intercept and mess with any of the traffic it touches. Hackers could, for instance, intercept and redirect transactions made through a bank's website, or steal users' credentials. They could also use the hacked device as a hop point to try to compromise other devices on the network. Since BIG-IP devices have the ability to decrypt traffic bound for web servers, an attacker could even u ..
Support the originator by clicking the read the rest link below.
