The cybersecurity firms NCC Group and Bad Packets reported that there were concerted efforts by attackers to exploit the critical vulnerability in F5 systems. Subsequently, massive scanning activities were detected after researchers published proof-of-concept (PoC) code online.
The researchers observed that cyber attacks targeting F5 critical vulnerabilities peaked within 24 hours after the PoC code was released. Meanwhile, F5 released security updates for various vulnerabilities targeted by unidentified hackers.
The vulnerabilities pose significant risks because F5 enterprise networking solutions are present in 48 out of Fortune 50 companies, including Microsoft, Oracle, Facebook, major ISPs, financial institutions, telecoms, and healthcare providers.