BIG-IP, a multi-purpose networking device manufactured by F5, is one of the most commonly used devices in sensitive networks and corporations around the world. On July 1st, F5 released patches for its BIG-IP devices to protect users against a remote code execution vulnerability found in the device. Three days after the initial release, attacks from various threat actors were identified, and US Cyber Command issued a warning not to delay patching over the weekend. By exploiting the vulnerability, which is tracked as CVE-2020-5902, threat actors would be able to gain full control over unpatched BIG-IP systems that are accessible from the Internet. This would allow the attacker to steal any information on the network, including administrator passwords. The vulnerability received the maximum severity rating of 10 on the CVSS severity scale, which means it is easy to exploit and automate, and can be used over the Internet without any credentials or advanced coding skills. Exploit code is widely available on the Internet and has been added to the Metasploit Framework, making it easy for anyone to discover and exploit unpatched systems.