Hackers are leveraging two recently discovered vulnerabilities in popular security software to target large enterprises and government agencies, allowing them to run arbitrary code and neatly cover their tracks.

This is according to F5, the makers of the BIG-IP, which was found vulnerable to an authentication bypass flaw tracked as CVE-202346747 (9.8 severity score) and an SQL injection flaw tracked as CVE-2023-46748 (8.8 severity score). These two, F5 warned, were being abused by “skilled” attackers in the wild. 

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *