May 9, 2024 at 07:09AM
F5 announced patches for its BIG-IP Next Central Manager to fix five vulnerabilities allowing complete device control. Eclypsium found the vulnerabilities but only two have CVE identifiers. One patched vulnerability is high severity, enabling unauthenticated attackers to execute malicious SQL statements. F5 states no impact beyond Next Central Manager. Eclypsium reports potential remote attacker control and account creation.
From the meeting notes, we can gather that F5 has announced patches for its BIG-IP Next Central Manager to address potentially dangerous vulnerabilities discovered by security firm Eclypsium. Five vulnerabilities in total were found, and together they could allow attackers to gain complete control of the affected devices.
Two of the identified vulnerabilities have been assigned CVE identifiers, and one of them is classified as ‘high severity.’ These vulnerabilities are SQL injection issues that unauthenticated attackers can exploit to execute malicious SQL statements and gain full administrative control of the affected devices. Eclypsium also notes that the vulnerabilities enable attackers to create unauthorized accounts on any F5 asset managed by the Next Central Manager, without those accounts being visible from the Manager interface.
While there is no evidence of in-the-wild exploitation at the moment, it is noted that similar vulnerabilities in BIG-IP products have been targeted by threat actors in the past.
In summary, the meeting notes highlight the importance of promptly applying the patches for these security vulnerabilities in the BIG-IP Next Central Manager to prevent potential exploitation by malicious actors.