CERT-In warns users of vulnerability in cybersecurity firm F5 product

New Delhi: The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology (MeitY), on Friday warned users of a vulnerability in multi-cloud application services and security company F5's BIG-IP (a family of products covering software and hardware).

According to the cyber agency, this vulnerability could be exploited by a remote attacker to execute craft DNS queries or cause a Denial of Service (DoS) condition on the targeted system. "Vulnerability exists in F5 BIG-IP due to flooding the target server with queries. A remote attacker could exploit this vulnerability by crafting queries on the affected 'named' instance and responses may cause excessive CPU load on the targeted system," said CERT-In in the advisory.

"Successful exploitation of this vulnerability could allow a remote attacker to execute craft DNS queries or cause a Denial of Service condition on the targeted system," it added.