Multiple vulnerabilities present in F5 products

Australian Cyber Security Centre

Background / What has happened?

In May 2022, F5 released a security advisory covering multiple Critical- and High-rated CVEs, including CVE-2022-1388 with a CVSS score of 9.8, affecting multiple versions of their BIG-IP product line.

CVE-2022-1388 allows malicious actors to bypass authentication on internet-exposed iControl interfaces and potentially execute arbitrary commands, create or delete files, or disable services.

The ACSC is aware of proof-of-concept code exploiting CVE-2022-1388, and of attempts by malicious actors to exploit this vulnerability on Australian networks.

Mitigation / How do I stay secure?

Patches are available for all High- and Critical-rated CVEs in F5's security advisory, and most have mitigation actions in the event that immediate patching is not possible.

The ACSC recommends that F5 users continue to monitor the F5 website for updates and future vulnerabilities.

Assistance / Where can I go for help?

The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via cyber.gov.au/report.