2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
Stay updated on F5 security insights: Explore the latest in application delivery controls, threat intelligence, and cyber defense with F5 tag news.
Search across headline titles and summaries.
Background for this topic.
F5 provides application-delivery technology, best known in security operations for BIG-IP appliances and software that load-balance traffic, terminate TLS, route requests, and can enforce web-application firewall, access-control, and denial-of-service protections. F5’s NGINX products are also used as reverse proxies and web servers. These components sit in front of applications, mediating internet traffic and trust boundaries.
Their privileged position makes exposed management interfaces, insecure configurations, leaked certificates or keys, and unpatched vulnerabilities especially significant: compromise can enable traffic interception, authentication bypass, request manipulation, or access to protected applications, depending on deployment. Security teams should inventory BIG-IP and NGINX instances and versions, restrict management planes, apply vendor fixes, review iRules, WAF, and access policies, and monitor administrative and anomalous proxy activity. During incidents, preserve configuration and traffic logs and assess whether TLS credentials or backend routes were exposed.
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence
Researchers Discover Major Vulnerabilities in Popular Central Management PlatformResearchers identified major security vulnerabilities in F5's Next Central Manager that could allow hackers to gain a persistent, undetectable presence within any organization's network infrastructure connected to F5 assets, according to a Wednesday report.
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create rogue accounts on any managed assets. [...]