**Critical BIG-IP Flaw Exploited by Hackers, Patch Now**
A critical vulnerability in F5 Networks' BIG-IP APM solution has been reclassified as a remote code execution (RCE) flaw after hackers began exploiting it to deploy webshells on unpatched devices. The cybersecurity firm warned that attackers can exploit the vulnerability without privileges, making it a significant threat to organizations relying on BIG-IP for centralized access management.
F5 Networks' BIG-IP APM is a popular solution used by many organizations to secure and manage user access to their networks, cloud, applications, and APIs. However, the recently discovered CVE-2023-53521 vulnerability can be exploited to perform remote code execution when targeting BIG-IP APM systems with access policies configured on a virtual server.
**The Vulnerability: A Critical Threat**
Tracked as CVE-2023-53521, this security flaw was initially categorized and remediated as a Denial-of-Service (DoS) vulnerability. However, after new information came to light in March 2026, F5 reclassified the vulnerability as an RCE flaw. The original CVE remediation has been validated to address the RCE in fixed versions.
"We have learned that this vulnerability has been exploited in vulnerable BIG-IP versions," F5 warned in an advisory update published recently. "F5 strongly recommends that you consult your corporate security policy for guidelines about incident handling procedures, including forensic best practices specific to your organization."
**Exploitation and Impact**
The fact that hackers are already exploiting this critical vulnerability highlights the importance of patching BIG-IP systems as soon as possible. With over 240,000 BIG-IP instances exposed online, according to Shadowserver, it's essential for organizations to review their configurations and ensure they are not vulnerable to attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also added the vulnerability to its list of actively exploited flaws and ordered federal agencies to secure their BIG-IP APM systems by midnight on March 30. "This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," CISA warned.
**Prevention and Mitigation**
To prevent exploitation, organizations should follow F5's recommended mitigation steps:
1. **Patch BIG-IP APM systems**: Apply the latest security patches to ensure your BIG-IP system is secure.
2. **Check for indicators of compromise (IOCs)**: Review your logs, disks, and terminal history for signs of malicious activity.
3. **Review access policies**: Ensure that access policies on virtual servers are properly configured.
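To prioritize patching, it helps to know which virtual servers actually have an access policy attached, since that is the configuration the flaw targets. The script below is an added example, not code from F5 or from the original article: it assumes the `bigip.conf` stanza layout shown in its constructed sample (`apm profile access ...` and `ltm virtual ... profiles { ... }`), and the function name is hypothetical.

```python
# Added example: list virtual servers that reference an APM access profile.
# SAMPLE_CONF is constructed; its stanza layout is an assumption to verify on-box.
SAMPLE_CONF = """\
apm profile access /Common/ap_corp_vpn {
    access-policy /Common/ap_corp_vpn
}
ltm virtual /Common/vs_vpn_443 {
    destination /Common/203.0.113.10:443
    profiles {
        /Common/ap_corp_vpn { }
        /Common/clientssl {
            context clientside
        }
    }
}
ltm virtual /Common/vs_web_80 {
    profiles {
        /Common/http { }
    }
}
"""

def virtuals_with_access_profile(text):
    """Map each 'ltm virtual' name to the APM access profiles attached to it.
    Block nesting is tracked line by line, so this is a heuristic, not a full parser."""
    stack, access, attached = [], set(), {}
    for raw in text.splitlines():
        line = raw.strip()
        in_profiles = (len(stack) == 2 and stack[1] == "profiles"
                       and stack[0].startswith("ltm virtual "))
        if in_profiles and line.startswith("/"):
            attached.setdefault(stack[0].split()[2], []).append(line.split()[0])
        if line.startswith("}") and stack:      # "}" or "} else {" closes a block
            stack.pop()
        if line.endswith("{"):                  # "name {" opens a block
            head = line[:-1].strip()
            if not stack and head.startswith("apm profile access "):
                access.add(head.split()[3])
            stack.append(head)
    exposed = {}
    for vs, names in attached.items():
        hit = sorted(access.intersection(names))
        if hit:
            exposed[vs] = hit
    return exposed

if __name__ == "__main__":
    print(virtuals_with_access_profile(SAMPLE_CONF))
```

Run it against a saved copy of the configuration rather than the live file, and treat every virtual server it reports as in scope for patching and for the IOC review in step 2.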
**Conclusion**
The exploitation of the critical BIG-IP flaw highlights the importance of regular security updates and patches to prevent potential attacks. Organizations relying on BIG-IP APM solutions should take immediate action to patch their systems and review their configurations to ensure they are not vulnerable to attacks.
As hackers continue to exploit vulnerabilities, it's essential for organizations to stay vigilant and implement robust cybersecurity measures to protect themselves against these threats. Stay informed about the latest security news and updates by following our blog, Hacker Pranks.