Plusieurs vulnérabilitiés dans les équipements et produits F5 (uniquement en anglais)

The CSSF has been made aware that a nation-state actor has breached F5’s systems and stolen proprietary files, including portions of the BIG-IP source code and vulnerability details. This access gives the attacker a significant advantage, enabling them to discover new flaws and develop targeted exploits for F5 devices and software.

CIRCL, the Computer Incident Center Luxembourg, published a report on this subject, including recommendations, available at this URL: https://www.circl.lu/pub/tr-96.

The CSSF strongly recommends all supervised entities concerned to take duly note of this report and to take actions as appropriate.