F5 breach fallout – over 266,000 instances exposed to remote attacks

  • F5 recently suffered a breach in which attackers stole BIG-IP source code and vulnerability information
  • Over 266,000 BIG-IP instances are exposed online, mostly in the US, Europe, and Asia
  • CISA issued emergency patch deadlines to protect federal networks from potential exploitation

More than 266,000 F5 BIG-IP instances connected to the public internet could be vulnerable to cyberattacks following the recent cyberattack suffered by the company, experts have warned.

F5 recently reported that a “nation-state affiliated cyber threat actor” had stolen sensitive files, including a portion of BIG-IP source code and vulnerability information. With this information, the attackers could reportedly analyze F5’s products, find zero-days, and develop different exploits and malware.

The company pushed an emergency patch to fix all of the known vulnerabilities, and stressed that there was no immediate danger since critical or remotely exploitable vulnerabilities weren’t among the stolen files, and so far, there’s been no evidence of exploitation in the wild.

Attack surface

Now, Shadowserver Foundation, a security nonprofit that monitors the internet for malicious activity and helps improve global cybersecurity, says that there are more than 266,000 F5 BIG-IP instances exposed online that could potentially be a target.

The majority (around 142,000) are located in the United States, with Europe and Asia holding another 100,000.

The nonprofit doesn’t know how many of these instances have been patched against these flaws. It’s safe to assume that at least some of them have been patched, so the attack surface is likely somewhat smaller than this.

At the same time, the US Cybersecurity and Infrastructure Security Agency (CISA) urged Federal Civilian Executive Branch (FCEB) agencies to catalog and patch F5 products in their tech stack to minimize the risk.

In the ED 26-01 emergency directive, CISA said the breach was an “imminent threat to federal networks” using F5’s products, as it could result in the compromise of API keys, data exfiltration, and even full compromise of targeted systems.

For F5OS, BIG-IP TMOS, BIG-IQ, and BNK/CNF products, the deadline for patching is October 22, 2025, while for all other F5 products, it’s October 31.

Via BleepingComputer
