F5 BIG-IP tmsh Vulnerability Allowing Privilege Escalation
Vulnerability
A vulnerability exists in a specific BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with elevated privileges. In Appliance mode deployments, successful exploitation could allow the attacker to cross a security boundary. Affected versions include BIG-IP 21.0.0, 17.5.0 through 17.5.1, and 17.1.0 through 17.1.3. This vulnerability has been classified as CWE-732: Incorrect Permission Assignment for Critical Resource.
Impact
Exploitation of this vulnerability could allow an authenticated attacker with the appropriate administrative privileges to execute arbitrary commands with higher privileges, bypassing Appliance mode security on BIG-IP systems. This could lead to unauthorized access to sensitive system functions or data.
Remediation
Users can upgrade to a fixed release: BIG-IP 21.0.0.2, 17.5.1.6, or 17.1.3.2. For more information about managing BIG-IP product hotfixes, refer to the F5 article K13123.
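To triage a fleet against the version ranges above, the following added example (not F5 code and not part of the original advisory) classifies BIG-IP version strings and reports the upgrade target for each affected host. The hostnames and inventory are constructed, and the script assumes that any point release in a listed branch below that branch's fixed release is still affected.

```python
import re

# Fixed release per branch, taken from this advisory. Affected ranges:
#   21.0.0            -> fixed in 21.0.0.2
#   17.5.0 - 17.5.1   -> fixed in 17.5.1.6
#   17.1.0 - 17.1.3   -> fixed in 17.1.3.2
FIXED = {(21, 0): "21.0.0.2", (17, 5): "17.5.1.6", (17, 1): "17.1.3.2"}

def parse(version):
    """Turn '17.1.3' or '17.1.3.2' into a 4-tuple, padding with zeros."""
    text = version.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def classify(version):
    """Return (status, upgrade_target) for one BIG-IP version string."""
    v = parse(version)
    fixed = FIXED.get(v[:2])
    if fixed is None:
        # Branch is not named in the advisory: no claim either way.
        return ("not-listed", None)
    if v >= parse(fixed):
        return ("fixed", None)
    # Assumption: builds between the last listed affected version and the
    # fixed release (for example 17.1.3.1) are treated as affected.
    return ("affected", fixed)

def triage(inventory):
    """Map hostname -> (current version, upgrade target) for affected hosts."""
    affected = {}
    for host, version in inventory.items():
        status, target = classify(version)
        if status == "affected":
            affected[host] = (version, target)
    return affected

# Constructed sample inventory (hostnames are hypothetical).
SAMPLE_INVENTORY = {
    "bigip-edge-01": "17.1.3",
    "bigip-edge-02": "17.1.3.2",
    "bigip-dc-01": "17.5.1.5",
    "bigip-lab-01": "21.0.0",
    "bigip-old-01": "16.1.4",
}

if __name__ == "__main__":
    for host, (current, target) in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {current} is affected, upgrade to {target}")
```

A `not-listed` result means only that the advisory text does not mention that branch; check the vendor advisory before treating such a host as unaffected.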
