Big-IP Gets a 10: Patch Now!
Big-IP Gets a 10: Patch Now!
When you are at the core of many networks and you get a 10 score on the CVSSv3 vulnerability severity scale, you need to be worried. Well, the current 10 rating relates to the Big-IP (BIP) firewall produced by F5 Networks. This device is a multi-purpose device that integrates firewalls, traffic shaping systems, load balancers, access gateways, and rate limiters, and will often be placed at the gateway to a network. Shodan shows that there are currently 8,447 Big-IP firewalls on the Internet (and which is also used by 48 of Fortune 50 companies):
The vulnerability is defined as CVE-2020–5902 [here] as was found by Mikhail Klyuchnikov (from Positive Technologies). When investigating the TMUI (Traffic Management User Interface), he found that he could perform a remote code execution operation, and which would allow an intruder to run commands from a remote location, and without any privileged credentials. This could then be used to control many of the services in the device, and also to take control over it. While there is no current proof-of-concept for the exploit, it is expected that it will be weaponized soon. Organisations with BIP devices are thus strongly advised to patch their systems as soon as possible. An initial patch is available at: