I thought I’d wait, but it didn’t get better lol. Let’s dig in.
How many are there? F5 reports four critical remote code execution vulnerabilities per Bleeping Computer
It’s bad. F5 BIG-IP and BIG-IQ are found in so many enterprise networks: government, FI, ISPs, major organizations. This involves a glorious unauthenticated RCE flaw, CVE-2021-22986 on iControl REST interface. The others are: CVE-2021-22987 on Appliance mode for Traffic Mgmt User Intervace; CVE-2021-2291 a buffer overflow affecting the Traffic Mgmt Microkernel; and CVE-2021-22992 an “advanced WAF/ASM buffer overflow vulnerability. Read the guidance supplied by f5 here then please, please, please patch because this can lead to full system compromise. And if you’d like to know more about how bad this is, here is a link to an excellent thread on twitter when there was another unauthenticated RCE that was actively exploited against f5 last July.
Another patch you need to get to asap from yesterday’s joyous collection of vulnerabilities. Internet Explorer (IE) vulns are perennial faves for attackers to find and exploit given widespread use and likelihood of unpatched status. The risk with this one is that an attacker would have “the same operating system permissions as the user visiting the website” which could enable a lot more badness for vulnerable admins who get pwned.
Literally on Fire: The OVHcloud data center, located in Strasbourg, France, has burnt down. As reported in ZDNet today, a disastrous fire has completely destroyed the SBG2 data center as well as part of SBG1. SBG3 and 4 were protected. Most importantly, everyone is safe. OVHcloud provides global services to more than 1.5 million customers, managing 27 data centers in the US, UK, France, Australia and elsewhere. Wishing OVHcloud a successful and safe recovery. How up to date is your disaster recovery plan?