CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild.
"An attacker can use this vulnerability to do just about anything they want to on the vulnerable server," Horizon3.
Patches and mitigations for the flaw were announced by F5 on May 4, but it has been subjected to in-the-wild exploitation over the past week, with attackers attempting to install a web shell that grants backdoor access to the targeted systems.
"Due to the ease of exploiting this vulnerability, the public exploit code, and the fact that it provides root access, exploitation attempts are likely to increase," Rapid7 security researcher Ron Bowes noted.
"Widespread exploitation is somewhat mitigated by the small number of internet-facing F5 BIG-IP devices."
While F5 has since revised its advisory to include what it believes to be "Reliable" indicators of compromise, it has cautioned that "a skilled attacker can remove evidence of compromise, including log files, after successful exploitation."
News URL
https://thehackernews.com/2022/05/cisa-urges-organizations-to-patch.html