Critical Pre-Auth RCE Flaw Found in F5 Big-IP Platform — Patch ASAP!

Software safety corporation F5 Networks on Wednesday posted an advisory warning of 4 important vulnerabilities impacting many solutions that could end result in a denial of provider (DoS) attack and even unauthenticated remote code execution on goal networks.

The patches issue a whole of 7 connected flaws (from CVE-2021-22986 through CVE-2021-22992), two of which had been learned and documented by Felix Wilhelm of Google Undertaking Zero in December 2020.

The 4 essential flaws impact Big-IP versions 11.6 or 12.x and newer, with a crucial pre-auth remote code execution (CVE-2021-22986) also impacting Big-IQ variations 6.x and 7.x. F5 stated it can be not mindful of any public exploitation of these troubles.

Effective exploitation of these vulnerabilities could guide to a full compromise of vulnerable units, which includes the chance of remote code execution as effectively as induce a buffer overflow, foremost to a DoS assault.

Urging buyers to update their Big-IP and Significant-IQ deployments to a set model as soon as achievable, F5 Networks’ Kara Sprague reported the “vulnerabilities have been learned as a outcome of frequent and ongoing internal safety screening of our alternatives and in partnership with revered third get-togethers working by means of F5’s safety program.”

The vulnerabilities have been dealt with in the next items:

  • Big-IP variations: 16..1.1,, 14.1.4,,, and
  • Significant-IQ variations: 8.., 7.1..3, and 7…2

In addition to these flaws, Wednesday’s patches also include fixes for 14 other unrelated protection troubles.

The fixes are noteworthy for the actuality that it’s the 2nd time in as numerous decades that F5 has disclosed flaws that could permit distant code execution.

The latest update to Huge-IP software program comes fewer than a yr immediately after the company dealt with a comparable critical flaw (CVE-2020-5902) in early July 2020, with a number of hacking groups exploiting the bug to focus on unpatched products, prompting the U.S. Cybersecurity and Infrastructure Protection Company (CISA) to concern an warn cautioning of a “wide scanning activity for the presence of this vulnerability across federal departments and businesses.”

“This bug is possibly likely to fly less than the radar, but this is a significantly even bigger deal than it appears to be due to the fact it claims some thing is truly genuinely damaged in the interior protection method of F5 Big-IP products,” reported Matt “Pwn all the Things” Tait in a tweet.

Fibo Quantum