
F5 - BIG-IP Exploit

F5 has issued an urgent security advisory to BIG-IP administrators following the discovery and active exploitation of two significant vulnerabilities in its platform. F5 BIG-IP, a suite widely used by large enterprises and government agencies, faces a critical authentication bypass flaw (CVE-2023-46747) and a high-severity SQL injection flaw (CVE-2023-46748). These vulnerabilities could enable attackers to access the Configuration utility and execute arbitrary code or commands. Despite the availability of security updates, evidence of compromised devices and exploitation in the wild has been observed. The Cybersecurity & Infrastructure Security Agency (CISA) has emphasized the importance of applying these updates by November 21, 2023, for government agencies in particular. Given the stealthy nature of these exploits, any unpatched BIG-IP endpoint should be considered potentially compromised, and administrators are advised to move directly to the system cleanup and restoration phase.
