F5 Archives - Securezoo

F5 fixes 12 High severity vulnerabilities in BIG-IP and BIG-IQ products

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 7, 2022 August 7, 2022 / BIG-IP, BIG-IQ, CVE-2022-35243, CVE-2022-35728, F5, Networking

F5 has released fixes for 12 High severity vulnerabilities that affect BIG-IP and BIG-IQ products.

F5 releases August security advisory for BIG-IP and BIG-IQ

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 25, 2021 August 25, 2021 / BIG-IP, BIG-IQ, CVE-2021-23025, CVE-2021-23026, CVE-2021-23029, CVE-2021-23030, CVE-2021-23031, CVE-2021-23032, CVE-2021-23033, CVE-2021-23034, CVE-2021-23035, CVE-2021-23036, CVE-2021-23037, F5

F5 has released the August security advisory for BIG-IP and BIG-IQ products that address multiple High risk vulnerabilities.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / July 29, 2021 August 6, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Critical F5 BIG-IP vulnerability (CVE-2021-22986) under active attack

Cybersecurity Attacks, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 22, 2021 May 1, 2021 / BIG-IP, BIG-IQ, CVE-2021-22986, F5, NCC Group, Networking

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

F5 patches 4 Critical vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 10, 2021 March 11, 2021 / CVE-2021-22986, CVE-2021-22987, CVE-2021-22991, CVE-2021-22992, F5, iControl, RCE, WAF

F5 has patched two Critical remote code execution (RCE) and another two buffer overflow vulnerabilities that impact BIG-IP and BIG-IQ devices. Moreover, the security firm also addressed two other High severity bugs and one Medium severity flaw.

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / October 10, 2020 October 10, 2020 / BIG-IP, CISA, Citrix, CVE-2018-13379, CVE-2019-11510, CVE-2019-19781, CVE-2020-1472, CVE-2020-15505, CVE-2020-2021, CVE-2020-5902, F5, FortiGuard, FortiOS, MobileIron, Netscaler, Palo Alto Networks, Pulse Secure, Zerologon

Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / September 15, 2020 October 10, 2020 / BIG-IP, Citrix, CVE-2019-11510, CVE-2019-19781, CVE-2020-0688, CVE-2020-5902, DHS, Exchange, F5, Microsoft, MSS, Pulse Secure, VPN

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 4, 2020 October 10, 2020 / AAM, AFM, Analytics, APM, ASM, BIG-IP, CVE-2020-5902, DNS, F5, FPS, GTM, Link Controller, LTM, PEM, RCE, TMUI

F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.

libssh security vulnerability, vendor updates and POC exploit

Leave a Comment / Vulnerabilities & Exploits / By Frank Crast / October 20, 2018 December 28, 2018 / Cisco, CVE-2018-10933, F5, libssh, Linux, Red Hat

libssh issued an important security and maintenance release earlier this week to address a critical authentication bypass vulnerability (CVE-2018-10933).