When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
New Critical Vulnerabilities in F5 Devices Discovered
Caleb Boma | March 11th, 2021
A major enterprise and application protection vendor, F5, announced new critical vulnerabilities affecting BIG-IP and BIG-IQ software. An F5 leader explained these vulnerabilities affect all of their customers.
The Critical Vulnerabilities in F5 Devices
CVE-2021-22986 (CVSS 9.8) – No authentication is needed for attackers to exploit this F5 vulnerability by remotely running system commands on different F5 products. With a critical score of 9.8 on the Common Vulnerability Scoring System scale, threat actors can create and delete files, execute commands, and disable services.
CVE-2021-22987 (CVSS 9.9), CVE-2021-22988 (CVSS 8.0), CVE-2021-22989 (CVSS 6.6) – These three vulnerabilities affect traffic management user interface (TMUI) configuration tool on F5 devices. They also allow authenticated users to execute commands remotely on undisclosed pages.
Further vulnerabilities were announced by F5 with CVSS scores of 9.0.
CVE-2021-22991 (CVSS 9.0) – Requests to this server that are not handled properly by Traffic Management Microkernel URI normalization may result in a Denial of Service attack but could also bypass URL-based access control or remote code execution (RCE).
CVE-2021-22992 (CVSS 9.0) – Another potential Denial of Service attack vulnerability, but this is triggered by a malicious HTTP response to an advanced WAF/BIG-IP ASM virtual server with a login page configured in its policy and may trigger a buffer overflow. This vulnerability can also lead to remote code execution (RCE) and eventual system compromise.
More information about the vulnerabilities can be found here in a tweet released by F5.
The announcement of these vulnerabilities comes right after news of the Microsoft Exchange vulnerabilities. It’s important to note the connection between Microsoft and F5. Microsoft is a direct customer of F5, while F5 also claims they offer products to 48 of the Fortune 50. Many large organizations are now at risk and some through multiple, different avenues.
Engaging with a firm like SpearTip can take the weight off of your team’s shoulders during situations like this. Our team is ready to respond to threats and adapt to changing circumstances in the threat landscape while the engineers in our Security Operations Center work 24/7 to continuously monitor networks. They work in conjunction with our endpoint detection and response tool, ShadowSpear®
If you’re a leader in your organization, working through the steps to incorporate SpearTip’s services will benefit your team financially, as well as operationally. In turn, your overall brand reputation will be protected because the exploitation of the aforementioned vulnerabilities will be mitigated.
SpearTip’s cyber professionals continuously monitor environments 24/7 in our US-based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have direct communication with our engineers at any moment and a completely transparent view of your risk profile.
If you’re experiencing a breach, call our Security Operations Center at 833.997.7327.
View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.
ShadowSpear Platform
Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.
ShadowSpear Demo
Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.
