Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Sponsored By
CISA: Unpatched F5 BIG-IP Devices Under Active AttackCISA: Unpatched F5 BIG-IP Devices Under Active Attack
Publicly released proof-of-concept exploits are supercharging attacks against unpatched systems, CISA warns.
Dark Reading Staff
May 18, 2022
1 Min Read
Source: GK Images via Alamy Stock Photo
The Cybersecurity Infrastructure and Security Agency (CISA) has issued a warning about active exploits against unpatched F5 Network's BIG-IP systems.
A patch for the vulnerability (CVE-2022-1388) was issued on May 4; since then, working proof-of-concept exploits have circulated among cybercriminals, making it easier for even less-skilled attackers to take advantage, CISA explains.
Along with CISA, the F5 BIG-IP vulnerability alert was issued by the Multi-State Information and Analysis Center (MS-ISAC). Both organizations "strongly urge" administrators to upgrade F5's BIG-IP systems to a patched version.
"According to public reporting, there is active exploitation of this vulnerability, and CISA and MS-ISAC expect to see widespread exploitation of unpatched F5 BIG-IP devices (mostly with publicly exposed management ports or self IPs) in both government and private sector networks," the alert states.
About the Author(s)
More Insights
Webinars
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023
