Description:

F5 has published a security advisory to address a vulnerability in BIG-IP. The details about the vulnerability can be found at the following website:
https://my.f5.com/manage/s/article/K000137353

Reports indicate that the proof-of-concept (PoC) code for the remote code execution vulnerability (CVE-2023-46747) in F5 BIG-IP is publicly available. An unauthenticated attacker with network access to the Configuration utility, also known as Traffic Management User Interface (TMUI), of vulnerable systems may exploit the vulnerability to execute arbitrary system commands. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• BIG-IP version 17.1.0
• BIG-IP versions 16.1.0 16.1.4
• BIG-IP versions 15.1.0 15.1.10
• BIG-IP versions 14.1.0 14.1.5
• BIG-IP versions 13.1.0 13.1.5

Impact:

Successful exploitation of the vulnerability could lead to remote code execution of an affected system with the Configuration utility exposed.

Recommendation:

Security updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

In case the security updates could not be applied immediately, system administrators should restrict access to the Configuration utility of vulnerable systems to only trusted users and devices over a secure network as recommended by the product vendor. As implementing the mitigation measure may result in reduced functionality, system administrators should properly assess the impact before adopting the mitigation measure.

More Information:

• https://my.f5.com/manage/s/article/K000137353
• https://www.hkcert.org/security-bulletin/f5-big-ip-remote-code-execution-vulnerability_20231027
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46747