Critical Vulnerability in F5's BIG-IP Traffic Management User Interface (TMUI)

Published on 02 Nov 2023

F5 has released security updates to address a critical vulnerability (CVE-2023-46747) in its BIG-IP Traffic Management User Interface (TMUI). The vulnerability is reportedly being actively exploited and has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

Successful exploitation of the vulnerability could allow an unauthenticated attacker with network access to the BIG-IP system through the management port to execute arbitrary code.

The vulnerability affects the following product versions:

  • Versions 17.1.0 - 17.1.1
  • Versions 16.1.0 - 16.1.4
  • Versions 15.1.0 - 15.1.10
  • Versions 14.1.0 - 14.1.5
  • Versions 13.1.0 - 13.1.5

Users and administrators of affected product versions are advised to update to the latest versions immediately.

If immediate patching is not possible, or you are currently on Version 17.1.1, which is still pending an engineering hotfix, you are advised to perform the mitigation steps listed here: https://my.f5.com/manage/s/article/K000137353

More information is available here:

https://www.bleepingcomputer.com/news/security/hackers-exploit-recent-f5-big-ip-flaws-in-stealthy-attacks/

https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html

https://my.f5.com/manage/s/article/K000137353