{"id":47635,"date":"2026-03-31T15:14:10","date_gmt":"2026-03-31T08:14:10","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=47635"},"modified":"2026-03-31T15:14:10","modified_gmt":"2026-03-31T08:14:10","slug":"cisa-bo-sung-lo-hong-f5-big-ip-apm-vao-danh-sach-lo-hong-dang-bi-khai-thac","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/cisa-bo-sung-lo-hong-f5-big-ip-apm-vao-danh-sach-lo-hong-dang-bi-khai-thac\/","title":{"rendered":"CISA adds F5 BIG-IP APM vulnerability to its list of actively exploited vulnerabilities"},"content":{"rendered":"<div><b>The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-53521 in F5 BIG-IP Access Policy Manager (APM) to its list of actively exploited vulnerabilities. The move is intended to warn administrators and network infrastructure operators about the severity of the flaw, particularly because it allows an attacker to achieve unauthenticated remote code execution (RCE) by abusing APM access policies configured on virtual servers.<\/b><\/div>\n<p>&nbsp;<\/p>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"F5 BIG-IP.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/f5-big-ip-png.18725\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"F5 BIG-IP.png\" src=\"https:\/\/whitehat.vn\/attachments\/f5-big-ip-png.18725\/\" alt=\"F5 BIG-IP.png\" width=\"700\" height=\"390\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<div><p>Initially, F5 classified the vulnerability as a denial-of-service (DoS) issue with a CVSS v4 score of 8.7, and its risk was assessed as relatively low. However, events in March 2026 revealed its real severity: evidence of in-the-wild exploitation showed that attackers could bypass ordinary protections to take control of the system. In response, F5 reclassified the vulnerability as RCE with a score of 9.3, reflecting a far higher risk than the original assessment.<\/p>\n<p>F5 has also published indicators of compromise so that administrators can assess their exposure. Points to note:<\/p><\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div>Files: the appearance of unusual pipes \/run\/bigtlog.pipe or \/run\/bigstart.ltm; a mismatched hash, size or timestamp for \/usr\/bin\/umount and \/usr\/sbin\/httpd.<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>System logs: entries in restjavad-audit or auditd recording a local user accessing the iControl REST API from localhost to disable SELinux.<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Disguised activity: the attackers use HTTP 201 responses and CSS-like content to conceal their unauthorized operations.<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>In-memory webshell: the webshell operates mainly in memory and can run without writing to disk, so files such as apm_css.php3 or full_wt.php3 are left unmodified and integrity-checking tools such as sys-eicheck can be bypassed.<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Scanning activity: researchers at Defused Cyber observed scanning aimed at the endpoint \/mgmt\/shared\/identified-devices\/config\/device-info to collect device information such as the hostname and base MAC address.<\/div>\n<\/li>\n<\/ul>\n<div>Affected versions and the corresponding fixed releases:<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div>BIG-IP 17.5.0 through 17.5.1: upgrade to 17.5.1.3<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>BIG-IP 17.1.0 through 17.1.2: upgrade to 17.1.3<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>BIG-IP 16.1.0 through 16.1.6: upgrade to 16.1.6.1<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>BIG-IP 15.1.0 through 15.1.10: upgrade to 15.1.10.8<\/div>\n<\/li>\n<\/ul>\n<div>The shift from DoS to pre-auth RCE raises the risk to a critical level, underlining that administrators must immediately patch affected versions and closely monitor for signs of intrusion to protect their network infrastructure from complete takeover.<\/div>\n<p>&nbsp;<\/p>\n<div><b><i>According to The Hacker News<\/i><\/b><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-53521 in F5 BIG-IP Access Policy Manager (APM) to its list of actively exploited vulnerabilities. The move is intended to warn administrators and [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":47636,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-47635","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47635","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=47635"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47635\/revisions"}],"predecessor-version":[{"id":47637,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47635\/revisions\/47637"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/47636"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=47635"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=47635"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=47635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}