Critical F5 Bug Could Lead to Wide Range of Malicious Actions

F5 has fixed more than a dozen high-severity vulnerabilities in its networking device, one of them being elevated to critical severity under specific conditions. The issues are part of this month’s delivery of security updates, which addresses almost 30 vulnerabilities for multiple F5 devices.

These vulnerabilities are affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions.


Experts reacted to this latest string of vuln patches.


Sean Nikkel, Senior Cyber Threat Intel Analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions:

"Since F5's products are used in many hosting and large enterprise applications, users should check the F5 advisories to check if their equipment is vulnerable. Attackers gaining control of any of those listed devices, specifically the web application firewall, could wreak havoc across an estate. With so many higher-level vulnerabilities listed, organizations must patch them as soon as possible or risk compromise to critical areas of the infrastructure. If it can't be done, steps should be taken to mitigate the risk and at least deploy some of the best practice recommendations from F5, like allowing only trusted, authenticated users to access some of the applications."

Michael Haugh, Vice President at Gluware, a Sacramento, Calif.-based provider of network automation solutions:

"NetOps teams are under the gun to keep the network highly available, secure and delivering the required performance for the business applications. Known vulnerabilities create a challenge to respond quickly to implement any available workaround or fix. Vendor vulnerabilities that require an OS Upgrade or patch can be very labor-intensive and potentially disruptive. In the case of a load balancer like F5, redundancy must be part of the device and traffic must be re-directed off an active device taking it out of service to perform an upgrade. This process often has to be repeated over dozens or even hundreds of devices depending on the organization. Having automated processes to pre-check, stage the image, gracefully execute the upgrades and complete post-checks can significantly improve the ability for NetOps to respond and execute a low-risk upgrade."