https://community.isc2.org/t5/Industry-News/Chinese-snoops-use-F5-ConnectWise-bugs-to-sell-access-into-top/m-p/68620#M6780 <P>Hi All</P><P>&nbsp;</P><P>If you have any doubts about China being friendly, these are banished.&nbsp; Lets get real.</P><P>&nbsp;</P><P><A href="https://www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/?utm_medium=share&amp;utm_content=article&amp;utm_source=linkedin" target="_blank">https://www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/?utm_medium=share&amp;utm_content=article&amp;utm_source=linkedin</A></P><P>&nbsp;</P><P>Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.</P><P>The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of <A href="https://nvd.nist.gov/vuln/detail/CVE-2023-46747" target="_blank" rel="nofollow noopener">CVE-2023-46747</A>, a 9.8-out-of-10-CVSS-rated remote code execution bug in the <A href="https://www.theregister.com/2023/11/01/f5_bigip_critical_vulnerability/" target="_blank" rel="noopener">F5 BIG-IP</A> Traffic Management User Interface, and <A href="https://nvd.nist.gov/vuln/detail/CVE-2024-1709" target="_blank" rel="nofollow noopener">CVE-2024-1709</A>, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 24 Mar 2024 19:56:56 GMT Caute_cautim 2024-03-24T19:56:56Z https://community.isc2.org/t5/Industry-News/Chinese-snoops-use-F5-ConnectWise-bugs-to-sell-access-into-top/m-p/68620#M6780 <P>Hi All</P><P>&nbsp;</P><P>If you have any doubts about China being friendly, these are banished.&nbsp; Lets get real.</P><P>&nbsp;</P><P><A href="https://www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/?utm_medium=share&amp;utm_content=article&amp;utm_source=linkedin" target="_blank">https://www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/?utm_medium=share&amp;utm_content=article&amp;utm_source=linkedin</A></P><P>&nbsp;</P><P>Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.</P><P>The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of <A href="https://nvd.nist.gov/vuln/detail/CVE-2023-46747" target="_blank" rel="nofollow noopener">CVE-2023-46747</A>, a 9.8-out-of-10-CVSS-rated remote code execution bug in the <A href="https://www.theregister.com/2023/11/01/f5_bigip_critical_vulnerability/" target="_blank" rel="noopener">F5 BIG-IP</A> Traffic Management User Interface, and <A href="https://nvd.nist.gov/vuln/detail/CVE-2024-1709" target="_blank" rel="nofollow noopener">CVE-2024-1709</A>, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 24 Mar 2024 19:56:56 GMT https://community.isc2.org/t5/Industry-News/Chinese-snoops-use-F5-ConnectWise-bugs-to-sell-access-into-top/m-p/68620#M6780 Caute_cautim 2024-03-24T19:56:56Z