Advisory February 3, 2023

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

Obrela SOC

A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or potentially execute arbitrary code. On a BIG-IP system running in Appliance mode, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.
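For readers unfamiliar with the vulnerability class, the following is an added, constructed C example (not F5's code and not the iControl SOAP implementation) showing the generic pattern behind a format string bug: caller-controlled text passed as the format argument of a printf-family function, beside the hardened form that always uses a fixed "%s" format. The function names, the sample strings and the input check are illustrative assumptions; the check is the kind of thing a defender can use to flag suspicious parameter values in request logs.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example of the CWE-134 pattern; not F5's code.
 * The vulnerable function hands caller-controlled text to snprintf as the
 * FORMAT argument, so any '%' directives in that text are interpreted. */

/* GCC/Clang flag this call with -Wformat-security; it is silenced here only
 * so the bad pattern compiles for the demonstration. In real builds keep the
 * warning on (ideally -Werror=format-security) so the pattern is rejected. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
int log_message_vulnerable(char *out, size_t out_len, const char *user_data)
{
    /* BUG: user_data is the format string. Directives such as %x read
     * stack data and %n writes memory, which is how this class goes from
     * a crash to potential code execution. */
    return snprintf(out, out_len, user_data);
}
#pragma GCC diagnostic pop

/* Hardened: user data is always the argument of a fixed "%s" format, so a
 * '%' inside it is just another character. */
int log_message_safe(char *out, size_t out_len, const char *user_data)
{
    return snprintf(out, out_len, "%s", user_data);
}

/* Input-side check for detection/logging: returns 1 if the value carries a
 * format directive (a '%' not escaped as "%%"), which legitimate request
 * parameter values rarely do. */
int has_format_directive(const char *s)
{
    for (const char *p = strchr(s, '%'); p; p = strchr(p + 1, '%')) {
        if (p[1] == '%') {   /* "%%" is a literal percent sign: skip both */
            p++;
            continue;
        }
        return 1;            /* any other '%' (or a trailing one) is a directive */
    }
    return 0;
}

int main(void)
{
    char buf[64];
    /* Benign input with an escaped percent: the only difference visible
     * without undefined behaviour is that the vulnerable path consumes "%%". */
    const char *benign = "load 100%%";
    log_message_vulnerable(buf, sizeof buf, benign);
    printf("vulnerable: %s\n", buf);          /* load 100%  */
    log_message_safe(buf, sizeof buf, benign);
    printf("safe:       %s\n", buf);          /* load 100%% */

    /* Constructed hostile value: only inspected, never used as a format. */
    const char *hostile = "user=%x%x%n";
    printf("directive in hostile input: %d\n", has_format_directive(hostile));
    return 0;
}
```

The vulnerable function is called above only with a benign string so the difference is observable without triggering undefined behaviour; the hostile sample is only run through the input check.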

Affected devices:

This issue affects BIG-IP only (not BIG-IQ). At the time of publishing this advisory, no fix has been released. The currently supported versions known to be vulnerable are:

  • F5 BIG-IP 17.0.0
  • F5 BIG-IP 16.1.3
  • F5 BIG-IP 15.1.8
  • F5 BIG-IP 14.1.5
  • F5 BIG-IP 13.1.5

If any of the affected versions of this product exist on your infrastructure, and since the official patch has not been published yet, make sure to follow F5’s security advisory to mitigate any possible attacks.

The Threat Hunting and SOC teams of OBRELA remain vigilant and continue to monitor the activity.