Active exploitation of F5 BIG-IP vulnerability underway

2 November 2023

Threat actors have launched attacks leveraging a recently patched critical request smuggling flaw in F5’s BIG-IP offering, tracked as CVE-2023-46747, just days after the release of a proof-of-concept exploit code, SecurityWeek reports. Such intrusions have also involved the exploitation of another flaw within F5 BIG-IP’s configuration utility, tracked as CVE-2023-46748, according to F5, which has already issued updated indicators-of-compromise for both bugs.

Source: SC Magazine

Date:

2 November 2023

Categorie(s):

NEWS

Tag(s):

Attacks, BIG-IP, Critical, Cyber Attack, F5

Hacker Heroes – Jeremiah Grossman – PSW #8288 May 2024
Undersea cables must have high-priority protection before they become top targets8 May 2024
Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion8 May 2024
Two-thirds of organizations are not prepared for AI risks8 May 2024
RSAC 2024: Attendees focus on AI, mobile, and threat telemetry8 May 2024