
F5 Releases Security Advisory for BIG-IP Vulnerability


Summary

An RCE vulnerability in F5's BIG-IP product family has been disclosed. Exploitation of this vulnerability may lead to an attacker taking control of an affected system.


Affected platforms

The following platforms are known to be affected:

F5 BIG-IP - Versions 15.0.0 to 15.1.0.3, 14.1.0 to 14.1.2.5, 13.1.0 to 13.1.3.3, 12.1.0 to 12.1.5.1, and 11.6.1 to 11.6.5.1


Threat details

Vulnerability

F5 has released a security advisory to address a remote code execution (RCE) vulnerability in the BIG-IP Traffic Management User Interface (TMUI). A remote, unauthenticated attacker could exploit this vulnerability to create or alter files, execute arbitrary system commands, disable services, or execute arbitrary Java code. Exploitation may result in complete system or network compromise.

Proof-of-concept exploits

A number of proof-of-concept exploits are available for CVE-2020-5902, with evidence that some of them have been observed in remote attacks.


Threat updates

28 Jul 2020: Confirmed attacks

A number of campaigns have now been observed using CVE-2020-5902 exploits.


Remediation advice

Users and administrators are encouraged to review F5 advisory K52145254 and apply the necessary updates immediately.


Remediation steps

Patch: Apply the relevant updates.


https://support.f5.com/csp/article/K52145254


Last edited: 28 July 2020 12:39 pm