Published on: 03 July 2020
F5 has published security advisories to address multiple vulnerabilities in the Traffic Management User Interface (TMUI), also known as the Configuration utility, of F5 BIG-IP systems. Attackers can exploit the vulnerabilities to achieve remote code execution, run system commands, or execute JavaScript code in the context of a logged-in user or administrator.
Reports indicate that the most severe of these, CVE-2020-5902 (rated CVSS v3 10.0 by the vendor), allows a remote, unauthenticated attacker to execute arbitrary commands on an affected system through specially crafted requests to the TMUI. Administrators are advised to patch affected systems immediately to mitigate the elevated risk of attack.
Successful exploitation of the vulnerabilities could lead to arbitrary command execution, arbitrary code execution, data tampering, denial of service and complete control of an affected system.
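As an added example (not from the F5 advisories or this page), the following script scans web-server access logs for the request shape publicly associated with CVE-2020-5902: a path under /tmui/ that carries the ..; path-normalisation token. The token comes from the public description of the vulnerability, not from this page; the endpoint names in the sample lines are constructed for illustration, and the log lines themselves are constructed, not captured traffic.

```python
"""Added example (not F5's code or this page's): flag access-log lines that
look like CVE-2020-5902 probing of the BIG-IP TMUI.

Assumptions (not from this page):
  - the '..;' traversal token, as publicly described for CVE-2020-5902;
  - Common Log Format access logs;
  - the sample log lines below are constructed, not real traffic.
"""
import re
from urllib.parse import unquote

# Constructed sample access-log lines, not captured from a real appliance.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Jul/2020:10:01:12 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 1523
203.0.113.7 - - [03/Jul/2020:10:01:15 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/hosts HTTP/1.1" 200 1893
198.51.100.9 - - [03/Jul/2020:10:02:01 +0000] "GET /tmui/login.jsp/%2e%2e;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user HTTP/1.1" 200 645
192.0.2.4 - - [03/Jul/2020:10:03:30 +0000] "GET /tmui/tmui/dashboard/index.jsp HTTP/1.1" 200 4412
192.0.2.4 - - [03/Jul/2020:10:04:02 +0000] "POST /mgmt/tm/util/bash HTTP/1.1" 401 73
"""

# Common Log Format: ip ident user [ts] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# A path segment consisting of '..' immediately followed by ';' is the
# Tomcat normalisation trick described for CVE-2020-5902.
TRAVERSAL_RE = re.compile(r'(?:^|/)\.\.;')


def normalise_target(target: str) -> str:
    """Percent-decode twice (catches double encoding) and lower-case, so
    %2E%2E; and ..; are treated the same way."""
    return unquote(unquote(target)).lower()


def is_tmui_traversal(target: str) -> bool:
    """True if the request path is under /tmui/ and contains a '..;' segment."""
    path = normalise_target(target).split('?', 1)[0]
    return path.startswith('/tmui/') and TRAVERSAL_RE.search(path) is not None


def scan_log(text: str) -> list[dict]:
    """Return one dict per suspicious line: source IP, timestamp, raw target
    and HTTP status. A 200 on a hit suggests the appliance served the
    traversed request, i.e. it was still unpatched at that time."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_tmui_traversal(m['target']):
            hits.append({
                'ip': m['ip'],
                'ts': m['ts'],
                'target': m['target'],
                'status': int(m['status']),
            })
    return hits


if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} status={hit['status']} {hit['target']}")
```

Run it against the appliance's httpd access log (or the copy shipped to a central log platform). Any hit from an untrusted address is worth treating as an attempted compromise regardless of the response code, and a 200 response should trigger a full forensic review of the device rather than just patching.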
Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk. Consult the product vendor for the fixes and for assistance.
System administrators are also advised to follow security best practice: permit management access to the products only over a secure network, and limit shell access to trusted users. Note that the TMUI is reachable not only through the management interface but also through any self IP whose port lockdown setting allows TCP port 443, so both must be considered when assessing exposure.
https://support.f5.com/csp/article/K07051153
https://support.f5.com/csp/article/K31301245
https://support.f5.com/csp/article/K43638305
https://support.f5.com/csp/article/K52145254
https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902 (the related advisories above cover CVE-2020-5903 to CVE-2020-5905)