Security researchers and adversaries have targeted F5 BIG-IP due to the vulnerable, external nature of the product, says Jonathan Chua, Application Security Consultant at nVisium, a Falls Church, Virginia-based application security provider. Chua adds, “Several F5 application services can be hosted externally, allowing any internet user to attempt to connect to the service. Due to the ease of accessibility and the amount of publicly known vulnerabilities associated with F5 applications, the service becomes a prime target for adversaries to break into a company’s network via the external perimeter.”

An example of this, Chua explains, is the F5 Traffic Management User Interface (TMUI), which adversaries are actively exploiting. “This service is often available on a company’s external perimeter and contains a critical remote code execution vulnerability. As a result, if the service is exploited, such service may provide external attackers an initial foothold in a company’s internal network.”
