Skip to main content

F5 BIG-IP Remote Code Execution Vulnerability

Last Update Date: 2 Nov 2023 Release Date: 27 Oct 2023 6480 Views

RISK: High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability was identified in F5 BIG-IP. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

[Updated on 2023-11-02] 

Updated risk level to high risk due to scattered exploit for CVE-2023-46747 vulnerability.

 

Note:

CVE-2023-46747 vulnerability is being used in scattered exploit that allowed threat actors to execute unauthorized code or commands.


Impact

  • Remote Code Execution

System / Technologies affected

BIG-IP

 

  • 17.1.0
  • 16.1.0 - 16.1.4
  • 15.1.0 - 15.1.10
  • 14.1.0 - 14.1.5
  • 13.1.0 - 13.1.5
 

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link

https://my.f5.com/manage/s/article/K000137353