
Rewterz Threat Advisory – CVE-2020-5867 – F5 NGINX Controller

Severity

Medium

Analysis Summary

F5 NGINX Controller is vulnerable to a man-in-the-middle attack because its install.sh installer script uses HTTP communication to check for and install packages. An attacker who gains access to the communication channel between the endpoints could exploit this vulnerability to forge packages and get the malicious packages installed.
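A defender's check for this class of flaw, as an added example that is not F5's code and not part of the original advisory: it scans an installer script for package fetches over plaintext HTTP and, going beyond the advisory's specific case, for disabled TLS or signature verification, which leaves the same exposure. The function names, the match patterns and the sample script are constructed for illustration and are not taken from NGINX Controller's install.sh.

```shell
#!/bin/sh
# Added example: audit an installer script for package fetches an on-path
# attacker could tamper with. The patterns are assumptions about common
# installer idioms, not lines taken from NGINX Controller's install.sh.

audit_installer() {
    # $1 = path to an installer script; prints "LINE:REASON:TEXT" per finding.
    awk '
        /^[ \t]*#/ { next }    # skip comment lines (and the shebang)
        # Plaintext HTTP to anything other than loopback.
        /http:\/\// && $0 !~ /http:\/\/(localhost|127\.0\.0\.1)(:|\/|$)/ {
            printf "%d:plaintext-http:%s\n", NR, $0; next
        }
        # HTTPS with certificate verification switched off.
        /curl[^|;]*[ \t](-[A-Za-z]*k[A-Za-z]*|--insecure)([ \t]|$)/ || /--no-check-certificate/ {
            printf "%d:tls-verify-off:%s\n", NR, $0; next
        }
        # Package signature checks switched off.
        /gpgcheck=0|--nogpgcheck|--allow-unauthenticated|trusted=yes/ {
            printf "%d:sig-verify-off:%s\n", NR, $0
        }
    ' "$1"
}

count_findings() {
    # $1 = path, $2 = reason tag; prints how many findings carry that tag.
    audit_installer "$1" | awk -F: -v r="$2" '$2 == r { n++ } END { print n + 0 }'
}

write_sample() {
    # Constructed sample input; example.invalid is a placeholder host.
    cat > "$1" <<'EOF'
#!/bin/sh
# mirror list: http://pkgs.example.invalid/ (comment, ignored)
curl -fsSL http://pkgs.example.invalid/repo.key | apt-key add -
echo "deb http://pkgs.example.invalid/debian stable main" > /etc/apt/sources.list.d/example.list
curl -sk https://pkgs.example.invalid/agent.rpm -o /tmp/agent.rpm
yum install -y --nogpgcheck /tmp/agent.rpm
curl -fsSL https://pkgs.example.invalid/ok.sh -o /tmp/ok.sh
curl -s http://127.0.0.1:8080/health
EOF
}

# Stand-alone run: audit the constructed sample and print the findings.
sample=$(mktemp); write_sample "$sample"; audit_installer "$sample"; rm -f "$sample"
```

Run `audit_installer` against a vendor's installer before executing it; any finding means the download path should be moved to HTTPS with verification left on.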

Impact

Unauthorized Access

Affected Vendors

F5

Affected Products

  • F5 NGINX Controller 1.0.1
  • F5 NGINX Controller 2.0.0
  • F5 NGINX Controller 2.9.0
  • F5 NGINX Controller 3.0.0

Remediation

Refer to F5 Security Advisory K00958787 for the upgrade that patches this vulnerability.