CVE-2020-5902: Critical Vulnerability in F5 BIG-IP Traffic Management User Interface (TMUI) Actively Exploited
Three days after an advisory was disclosed for a critical remote code execution vulnerability in F5’s BIG-IP, active attempts to exploit vulnerable hosts have been observed in the wild.
On June 30, F5 Networks published support articles identified as K52145254 and K43638305 to address two vulnerabilities in BIG-IP, its family of products, which includes software and hardware solutions that provide access control, application availability and security solutions. These products include:
- Local Traffic Manager (LTM)
- Application Acceleration Manager (AAM)
- Advanced Firewall Manager (AFM)
- Analytics
- Access Policy Manager (APM)
- Application Security Manager (ASM)
- Domain Name System (DNS)
- Fraud Protection Service (FPS)
- Global Traffic Manager (GTM)
- Link Controller
- Policy Enforcement Manager (PEM)
The vulnerabilities were disclosed to F5 by Mikhail Klyuchnikov, a senior web application security researcher at Positive Technologies.
For more information about the F5 BIG-IP vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.