Hackers exploiting critical F5 BIG-IP flaw to drop backdoors

Trooper

Level 16
Thread author
Well-known
Aug 28, 2015
755
Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads.

F5 last week released patches for the security issue (9.8 severity rating), which affects the BIG-IP iControl REST authentication component.

The company warned that the vulnerability enables an unauthenticated attacker on the BIG-IP system to run “arbitrary system commands, create or delete files, or disable services.”

At the moment, there are thousands of BIG-IP systems exposed on the internet, so attackers can leverage the exploit remotely to breach the corporate network.