
CVE-2020-5873 : Security Advisory and Response

Learn about CVE-2020-5873, a privilege escalation vulnerability impacting BIG-IP and BIG-IQ products. Find out affected versions, exploitation details, and mitigation steps.

A vulnerability in BIG-IP and BIG-IQ allows a user who holds the Resource Administrator role and can use scp, but has not been granted Advanced Shell (bash), to execute arbitrary commands, escalating their privileges beyond what the role permits.

Understanding CVE-2020-5873

What is CVE-2020-5873?

CVE-2020-5873 is a privilege escalation vulnerability affecting BIG-IP and BIG-IQ products. It allows an authenticated user whose shell access is deliberately restricted to execute arbitrary commands on the appliance.

The Impact of CVE-2020-5873

The vulnerability lets an authenticated user with restricted terminal access (scp but no bash) run arbitrary commands on the system, escaping the limits of the Resource Administrator role and gaining privileges that were never granted to that account.

Technical Details of CVE-2020-5873

Vulnerability Description

A user with Resource Administrator role access to the scp utility but not Advanced Shell (bash) can run arbitrary commands via a crafted scp request.

Affected Systems and Versions

        BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, 11.6.1-11.6.5
        BIG-IQ versions 5.2.0-7.1.0
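The version ranges above are easy to misread when a point release such as 14.1.2.3 sits next to 14.1.2. The following Python is an added example, not F5 tooling, that encodes the ranges listed above as inclusive bounds and checks a version string against them. It assumes version components are purely numeric and that point releases beyond a listed upper bound (for example 7.1.0.1 against 5.2.0-7.1.0) are outside the range; confirm such edge cases against the vendor advisory before relying on the result.

```python
"""Check whether a BIG-IP / BIG-IQ version falls inside the affected ranges
listed for CVE-2020-5873.  Added example, not F5 code; the ranges below are
copied from the advisory text and treated as inclusive on both ends."""

from typing import Tuple

Version = Tuple[int, ...]

# Inclusive (low, high) ranges, as listed in the advisory.
AFFECTED = {
    "BIG-IP": [
        ("15.0.0", "15.0.1"),
        ("14.1.0", "14.1.2.3"),
        ("13.1.0", "13.1.3.1"),
        ("12.1.0", "12.1.5"),
        ("11.6.1", "11.6.5"),
    ],
    "BIG-IQ": [
        ("5.2.0", "7.1.0"),
    ],
}


def parse_version(text: str) -> Version:
    """'14.1.2.3' -> (14, 1, 2, 3).  Rejects anything non-numeric."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed version string: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(v: Version, width: int) -> Version:
    # Missing trailing components compare as zero: 14.1.2 == 14.1.2.0
    return v + (0,) * (width - len(v))


def in_range(version: str, low: str, high: str) -> bool:
    """Inclusive comparison after padding all three to the same length.
    Assumption: a point release past the upper bound (7.1.0.1 vs 7.1.0)
    is treated as outside the range."""
    v, lo, hi = parse_version(version), parse_version(low), parse_version(high)
    width = max(len(v), len(lo), len(hi))
    return _pad(lo, width) <= _pad(v, width) <= _pad(hi, width)


def is_affected(product: str, version: str) -> bool:
    """True if the given product/version is inside any listed range."""
    try:
        ranges = AFFECTED[product]
    except KeyError:
        raise ValueError(f"unknown product {product!r}; expected BIG-IP or BIG-IQ")
    return any(in_range(version, lo, hi) for lo, hi in ranges)


if __name__ == "__main__":
    for product, version in [("BIG-IP", "14.1.2.3"), ("BIG-IP", "14.1.2.4"),
                             ("BIG-IQ", "6.0.0"), ("BIG-IQ", "7.1.1")]:
        state = "AFFECTED" if is_affected(product, version) else "not listed"
        print(f"{product} {version}: {state}")
```

Padding with zeros is what makes 14.1.2 sort below 14.1.2.3 rather than raising a length mismatch; without it a naive tuple comparison would still work for most inputs but would silently treat 14.1.2 and 14.1.2.0 as different versions.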

Exploitation Mechanism

Exploitation requires an existing account that holds the Resource Administrator role and can use the scp utility but has not been granted Advanced Shell (bash). Such a user submits a crafted scp request, and the commands it carries are executed on the system rather than being confined to a file transfer. No further exploit details are given here.

Mitigation and Prevention

Immediate Steps to Take

        Apply the F5-provided fixed versions immediately
        Restrict access: review which accounts hold the Resource Administrator role and which of those also have terminal (scp) access, remove the role or terminal access where it is not needed, and limit who can reach the management interface
        Monitor scp sessions from Resource Administrator accounts and watch for unexpected commands executing on the appliance
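Reviewing which accounts match the precondition (Resource Administrator plus scp access, no bash) can be done from the output of `tmsh list auth user`. The Python below is an added example, not F5 code, that parses a constructed sample of that listing and flags the matching accounts. It assumes the role appears as `resource-admin` and the shell as `bash`, `tmsh` or `none`, and it treats `shell tmsh` as "terminal and scp access without Advanced Shell"; `shell none` has no terminal access and `shell bash` already has everything the bug would grant, so neither is flagged.

```python
"""Audit `tmsh list auth user` output for accounts matching the CVE-2020-5873
precondition: Resource Administrator role with restricted (tmsh) terminal
access rather than Advanced Shell (bash).  Added example, not F5 code."""

import re
from typing import Dict, List

# Constructed sample listing; password hashes shortened.  On a real unit the
# text comes from:  tmsh list auth user
SAMPLE_LISTING = """\
auth user admin {
    description admin
    encrypted-password $6$abc...
    partition-access {
        all-partitions {
            role admin
        }
    }
    shell bash
}
auth user ops1 {
    description "ops on-call"
    encrypted-password $6$def...
    partition-access {
        all-partitions {
            role resource-admin
        }
    }
    shell tmsh
}
auth user ra-bash {
    encrypted-password $6$ghi...
    partition-access {
        all-partitions {
            role resource-admin
        }
    }
    shell bash
}
auth user viewer {
    encrypted-password $6$jkl...
    partition-access {
        all-partitions {
            role guest
        }
    }
    shell none
}
"""

# A user block ends at the first '}' in column 0; nested braces are indented.
USER_BLOCK = re.compile(r"^auth user (\S+) \{\n(.*?)^\}", re.S | re.M)
ROLE = re.compile(r"^\s*role (\S+)", re.M)
SHELL = re.compile(r"^\s*shell (\S+)", re.M)


def parse_users(listing: str) -> Dict[str, dict]:
    """Map user name -> {'roles': set of role names, 'shell': shell name}.
    Assumption: a block with no 'shell' line means no terminal access."""
    users: Dict[str, dict] = {}
    for m in USER_BLOCK.finditer(listing):
        name, body = m.group(1), m.group(2)
        shell_m = SHELL.search(body)
        users[name] = {
            "roles": set(ROLE.findall(body)),
            "shell": shell_m.group(1) if shell_m else "none",
        }
    return users


def find_exposed_accounts(listing: str) -> List[str]:
    """Accounts holding resource-admin with a tmsh shell: scp-capable but no
    bash, which is the precondition described in the advisory.  'bash' users
    already have full shell access; 'none' users cannot reach scp at all."""
    return sorted(
        name for name, u in parse_users(listing).items()
        if "resource-admin" in u["roles"] and u["shell"] == "tmsh"
    )


if __name__ == "__main__":
    for name in find_exposed_accounts(SAMPLE_LISTING):
        print(f"review account {name}: resource-admin with tmsh shell")
```

Run it against the saved output of `tmsh list auth user` from each unit; any account it prints should either have the role removed, terminal access set to none, or be justified and monitored until the fixed version is installed.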

Long-Term Security Practices

        Regularly update and patch BIG-IP and BIG-IQ systems
        Apply least privilege to user access: grant the Resource Administrator role and terminal (scp or bash) access only to accounts that need them, and review those grants periodically

Patching and Updates

        F5 has released fixed versions that address this vulnerability
        Regularly check for and apply updates so that systems do not fall back into an affected version range
