Security News > 2022 > May > Exploits created for critical F5 BIG-IP flaw, install patch immediately
Security researchers are warning F5 BIG-IP admins to immediately install the latest security updates after creating exploits for a recently disclosed critical CVE-2022-1388 remote code execution vulnerability.
Last week, F5 disclosed a new critical remote code execution in BIG-IP networking devices tracked as CVE-2022-1388.
As F5 BIG-IP devices are commonly used in the enterprise, this vulnerability is a significant risk as it would allow threat actors to exploit the bug to gain initial access to networks and then spread laterally to other devices.
This weekend, cybersecurity researchers from Horizon3 and Positive Technologies were both able to create exploits for the new F5 BIG-IP vulnerability.
Zach Hanley, Chief Attack Engineer at Horizon3, told BleepingComputer that it took them only two days to discover the exploit and expect threat actors to begin exploiting devices soon.
Horizon3 says they will be publicly releasing their proof-of-concept exploit this week to push organizations to patch their devices.
News URL
Related news
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)
- CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-05 | CVE-2022-1388 | Missing Authentication for Critical Function vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. | 9.8 |