SB2020051317 - Multiple vulnerabilities in F5 BIG-IP APM and BIG-IP APM Clients

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-5896)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. A local user can execute signed .exe and MSI files and gain elevated privileges on the client Windows system.

2) Use-after-free (CVE-ID: CVE-2020-5897)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the BIG-IP Edge Client Windows ActiveX component. A remote attacker can craft a malicious webpage, load it into the Internet Explorer browser by BIG-IP Edge Client users and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

3) Access of Uninitialized Pointer (CVE-ID: CVE-2020-5898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user can send specially crafted DeviceIoControl requests to a \\.\urvpndrv device and crash the Windows kernel.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://support.f5.com/csp/article/K15478554
• https://support.f5.com/csp/article/K20346072
• https://support.f5.com/csp/article/K69154630