HC3 Analyst Note TLP White: Critical Vulnerability in F5 Network Management/Security (BIG-IP) Tools

The information technology vendor, F5, disclosed a significant vulnerability in their BIG-IP suite of tools which, when exploited, allows for remote code execution ultimately leading to complete compromise of the host and the potential for further compromise of the network which it sits on. These technologies are used for network/traffic management and security and are intended to support the delivery of business-critical applications. The healthcare industry is believed to operate a number of BIG-IP servers. F5 has released software updates which include fixes for this vulnerability and HC3 recommends immediate implementation of these upgrades. By updating a system, this vulnerability becomes fully patched and no longer presents an opportunity for compromise.

Related Resources

Guides/Reports
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards…
Standards/Guidelines
Public
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or…
Webinar Recordings
Public
The U.S. Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) invites you to join its monthly cybersecurity…
AHA Center for Health Innovation Market Scan
Free Identity Protection In the spirit of helping front-line virus fighting organizations during these uncertain times, KII Consulting Inc., in partnership…
Advancing Health Podcast
In part two of this two-part podcast, two senior officials at the forefront of the ongoing duel with cybercriminals. DHS Under Secretary and Chief Intelligence…
Advancing Health Podcast
Public
In part one of this two-part podcast, you’ll hear from two senior officials at the forefront of the ongoing duel with cybercriminals. DHS Under Secretary and…