Critical F5 bug could lead to wide range of security vulnerabilities
F5 has fixed more than a dozen high-severity security vulnerabilities in its networking device, with one of them being elevated to critical severity and CVSS score of 9.9 under specific conditions. All vulnerabilities are part of this month’s delivery of security updates, addressing almost 30 vulnerabilities for multiple F5 devices.
When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and disable services. This vulnerability may result in complete system compromise. The vulnerabilities affect multiple versions of BIG-IP and BIG-IQ devices, potentially allowing an attacker to perform a wide range of malicious actions.