Project Hyphae
Search

BIG-IP, Big Problems.

Share This Post

F5 recently disclosed a CVSS 9.8 vulnerability with BIG-IP systems. This vulnerability would allow a NON-AUTHENTICATED attacker with access to the BIG-IP system to execute arbitrary system commands, create/delete files, and disable services. This does appear to be limited to just the control area, and doesn’t directly expose any data. However, any time you have this level of control the options to further the attack are pretty vast.

Looking through the mitigations that F5 provides, it appears that this vulnerability is available through the management interface and the “self IP address”. Again, this looks like a problem that could be solved simply with a default-deny posture, and only allowing connections that are absolutely necessary.

You can follow the vulnerability and read through the mitigation steps here: https://support.f5.com/csp/article/K23605346



Reach out to our incident response team for help

More To Explore

Information Security News – 6/2/2025

Why Layoffs Increase Cybersecurity Risks Article Link: https://www.helpnetsecurity.com/2025/05/26/layoffs-cybersecurity-risks/ The CISO’s Dilemma: Balancing Access, Security, and Operational Continuity Article Link: https://www.forbes.com/councils/forbestechcouncil/2025/05/27/the-cisos-dilemma-balancing-access-security-and-operational-continuity/ Massive Data Breach Exposes 184

Jo Moldenhauer June 2, 2025

Information Security News – 5/19/2025

Attackers Lace Fake Generative AI Tools With ‘Noodlophile’ Malware Article Link: https://www.darkreading.com/endpoint-security/attackers-fake-generative-ai-tools-malware CISA Reverses Decision on Cybersecurity Advisory Changes Article Link: https://www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/ FBI Warns That

Jo Moldenhauer May 19, 2025

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.