Threat Response: UPDATE – Remote Code Execution vulnerability in F5 BIG-IP Systems

08-07-2020

On July 6th 2020 we sent out a Threat Response regarding a number of vulnerabilities in F5 BIG-IP systems [1]. We advised you to update the affected systems as soon as possible and, if this was not feasible, to apply the mitigation steps.

It has become clear that the mitigation steps originally recommended by F5 for the most critical vulnerability – CVE-2020-5902 – are not sufficient: it is possible to bypass them [2]. F5 has since updated the mitigation steps, see [3]. However, F5 strongly urges customers to apply the update, and Northwave concurs with this advice: updating removes the vulnerability entirely, whereas a mitigation only restricts access to it. We have seen scanning traffic for this vulnerability on the internet.

Note: this is an update; the original post is listed under Sources as [1].

Northwave will monitor any developments regarding this vulnerability. If new critical information about this threat arises we will reach out to you. If you need additional information you can call us by phone or send us an email.

Phone number: +31 (0)30-303 1244 (during business hours)
E-mail: [email protected]

Do you have an incident right now? Call our CERT number: 0800-2255 2747 or 0800-1744 (only from within the Netherlands)

Disclaimer applies, see below.

Sources

[1]: https://northwave-security.com/threat-response-vulnerabilities-in-big-ip-systems/

[2]: https://www.bleepingcomputer.com/news/security/mitigating-critical-f5-big-ip-rce-flaw-not-enough-bypass-found/

[3]: https://support.f5.com/csp/article/K52145254

Disclaimer

Northwave has made every effort to make this information accurate and reliable. However, the information provided is without warranty of any kind and its use is at the sole risk of the user. Northwave does not accept any responsibility or liability for the accuracy, content, completeness, legality or reliability of the information provided. We shall not be liable for any loss or damage of whatever nature, direct or indirect, consequential or other, whether arising in contract, tort or otherwise, which may arise as a result of your use of, or inability to use, this information or any additional information provided by us in direct or indirect relation to the information provided here.