The U.S. Cybersecurity and Infrastructure Security Agency announced that the organization has added the F5 BIG-IP vulnerability, tracked as CVE-2022-1388, to its Known Exploited Vulnerabilities Catalog. The patch for the vulnerability, which has a CVSS score of 9.8, was released last week.
Actively being exploited
Shortly after the patch was released, various security researchers stated that the vulnerability is currently under attack and proof-of-exploit code can be found on the internet easily. SANS Internet Storm Center announced that some attackers are using “rm -rf /*” command, which erases all of the files on the device, including essential configuration files.
CISA has added the vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The organization also said that these types of vulnerabilities are a frequent attack vector for cybercriminals and pose a great risk to the federal enterprise. Known Exploited Vulnerabilities Catalog was established by the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, which only applies to FCEB agencies but CISA urges all organizations to reduce their exposure.