A critical-severity remote code execution flaw in F5's BIG-IP APM has been exploited by hackers to deploy webshells on unpatched devices, prompting a warning from the vendor to patch immediately. Initially classified as a denial-of-service vulnerability, the flaw's severity has been upgraded due to its potential for remote code execution. Attackers are actively leveraging this vulnerability to compromise unpatched BIG-IP devices, highlighting the urgent need for users to apply the available patch. The exploitation of this flaw allows hackers to gain unauthorized access to affected systems, posing a significant risk to network security. This vulnerability is particularly concerning given the widespread use of F5's BIG-IP devices in enterprise networks1. As a result, practitioners should prioritize patching their systems to prevent potential breaches, as the exploitation of this flaw can have severe consequences for network security and integrity.
Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
⚠️ Critical Alert
Why This Matters
F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy.
References
- BleepingComputer. (2026, March 30). Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now. *BleepingComputer*. https://www.bleepingcomputer.com/news/security/hackers-now-exploit-critical-f5-big-ip-flaw-in-attacks-patch-now/
Original Source
BleepingComputer
Read original →