Actively exploited vulnerability

CVE-2022-1388: F5 BIG-IP Missing Authentication Vulnerability

F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.

CISA KEV source 10 May 2022 added 31 May 2022 remediation due

Affected product

F5 · BIG-IP

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2022-1388.

Bleeping Computer19 May 2022

CISA shares guidance to block ongoing F5 BIG-IP attacks

In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388). [...]

Dark Reading10 May 2022

How to Check if Your F5 BIG-IP Device Is Vulnerable

This Tech Tip walks network administrators through the steps to address the latest critical remote code execution vulnerability (CVE-2022-1388) in F5's BIG-IP management interface.