F5 has released a security advisory to address remote code execution (RCE) vulnerabilities— CVE-2021-22986, CVE-2021-22987—impacting BIG-IP and BIG-IQ devices. An attacker could exploit these vulnerabilities to take control of an affected system.
CISA encourages users and administrators review the F5 advisory and install updated software as soon as possible.
On March 10th, 2021, F5 announced twenty-one (21) CVEs, including four Critical vulnerabilities. This document is intended to serve as an overview of these vulnerabilities to help determine the impact on your F5 devices. The details of each issue can be found in the associated Security Advisory.