Malicious hackers, some with government support, are actively exploiting two independent vulnerabilities – both rated at 9.8 severity out of a possible 10 – in hopes of infecting sensitive corporate networks with backdoors, botnet software, and other forms of malware.
The ongoing attacks are targeting unpatched versions of multiple VMware product lines and F5’s BIG-IP software, security researchers said. Both vulnerabilities allow attackers to remotely execute malicious code or commands that run with full root system privileges. The largely uncoordinated exploits appear to be malicious, in contrast to benign scans that attempt to identify vulnerable servers and quantify their numbers.
On April 6, VMware disclosed and patched a remote code execution vulnerability tracked as CVE-2022-22954 and a privilege escalation bug tracked as CVE-2022-22960. According to an advisory published Wednesday by the Cybersecurity and Infrastructure Security Agency, “Malicious cyberactors were able to reverse engineer the updates to create an exploit within 48 hours and quickly began exploiting the disclosed vulnerabilities in unpatched devices.”