Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two security flaws in F5 BIG-IP and BIG-IQ can be exploited to enable remote code execution. An adversary could get persistent root access to the device's management interface by successfully exploiting the vulnerability (CVE-2022-41622), however this requires the attacker to know the address for a certain BIG-IP instance. Although the proof of concept is available, such an exploit requires an administrator with an active session visiting a rogue website.