Saturday , April 19 2025
F5

(CVE–2023-46747)
Hacker exploit Critical F5 BIG -IP Vulnerability in Bangladesh: CIRT report

Cyber Threat Intelligence Unit of BGD e-GOV CIRT found evidence of compromise linked to the vulnerability in F5 BIG-IP systems used in Bangladesh’s IT infrastructure. Investigators discovered that attackers gained shell access to the system and tried to sell this unauthorized access on the dark web.

Source: BGD e-Gov CIRT

On October 30, one attacker claimed to have root-level access to a server, initially offering it for a fixed price, which increased to $2,500 by November 4.

CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers

Hackers can exploit a vulnerability in Asus routers to execute unauthorized functions. This serious issue, rated 9.2 out of 10,...
Read More
CVE-2025-2492  ASUS warns of critical auth bypass flaw in routers

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+  Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236  Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054  Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

Analysis confirmed CVE-2023-46747, a authentication bypass vulnerability in F5 BIG-IP systems that allows attackers to execute remote code and access the Traffic Management User Interface (TMUI) without authentication. This vulnerability can give attackers full administrative control and has been exploited alongside CVE-2023-46748, a high-severity SQL injection flaw seen in active attacks reported by F5.

CVE-2023-46747 vulnerability overview:

On October 25, 2023, cybersecurity firm Praetorian announced a critical vulnerability (CVE-2023-46747) in F5 BIG-IP systems, allowing unauthenticated attackers to gain full administrative access due to poor input validation. This vulnerability has a CVSS score of 9.8.

The next day, F5 confirmed this issue and also reported a high-severity SQL injection flaw (CVE-2023-46748) with a CVSS score of 8.8, which is being exploited alongside the first vulnerability, heightening risks for affected systems.

Source: BGD e-Gov CIRT

Affected Versions:

BIG-IP Versions Prior to 17.0: All versions preceding 17.0 are vulnerable.
Exposed Management Interfaces: Deployments with publicly accessible management interfaces, particularly those lacking strict access controls or IP restrictions, are at heightened risk.

To reduce risks from CVE-2023-46747, CIRT advices organizations using F5 BIG-IP systems should take these steps:

Patch Deployment: Install the latest security updates from F5 to fix this issue.

Restrict Access: Allow access to the F5 BIG-IP management interface only from internal IPs.

Implement Multi-Factor Authentication (MFA): Require all users to use MFA for accessing the BIG-IP management portal to improve security.

Enhanced Logging and Monitoring: Turn on detailed logging on BIG-IP systems and watch for unusual behavior, especially regarding privileged actions.

Isolate Compromised Systems: Isolate any compromised systems and conduct a thorough investigation.

Hacker offer Titas gas root access to sale

Check Also

CISA warns of increasing risk tied to Oracle legacy Cloud leak

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy …

Leave a Reply

Your email address will not be published. Required fields are marked *