- F5 recently suffered a breach where attackers stole BIG-IP source code and vulnerability data
- More than 266,000 BIG-IP devices are exposed online, mainly in the US, Europe and Asia.
- CISA issued emergency patch deadlines to protect federal networks from potential exploitation
More than 266,000 F5 BIG-IP instances connected to the public Internet could be at risk of cyberattacks following the company’s recent cyberattack, experts warned.
F5 recently reported that a “nation-state-affiliated cyber threat actor” had stolen sensitive files, including a portion of BIG-IP’s source code and vulnerability information. With this data, attackers could analyze F5 products, find zero days, and develop different exploits and malware.
The company pushed an emergency patch to fix all known vulnerabilities and emphasized that there was no immediate danger as critical or remotely exploitable vulnerabilities were not among the stolen files and, so far, there has been no evidence of exploitation in the wild.
Attack surface
Now, the Shadowserver Foundation, a security nonprofit that monitors the Internet for malicious activity and helps improve global cybersecurity, says there are more than 266,000 F5 BIG-IP instances exposed online that could potentially be a target.
The majority (about 142,000) are in the United States, with Europe and Asia home to another 100,000.
The nonprofit does not know how many of these instances were fixed against these defects. It’s safe to assume that at least some of them were patched, so the attack surface is probably somewhat smaller than this.
At the same time, the US Cybersecurity and Infrastructure Security Agency (CISA) urged Federal Civil Executive Branch (FCEB) agencies to catalog and patch F5 products in their technology stack to minimize risk.
In emergency directive ED 26-01, CISA said the breach was an “imminent threat to federal networks” using F5’s products, as it could lead to compromised API keys, data breaches, and even outright compromise of targeted systems.
For F5OS, BIG-IP TMOS, BIG-IQ, and BNK/CNF products, the patching deadline is October 22, 2025, while for all other F5 products it is October 31.
Through beepcomputer
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
