NCSC Cyber Security Advisory CSA-2020-1740

Remote code execution vulnerability in F5 BIG-IP products

Details

The National Cyber Security Centre (NCSC) is aware of a critical vulnerability affecting F5 BIG-IP products. This vulnerability has been assigned CVE-2020-5902. It allows actors with network access to the Traffic Management User Interface (TMUI), also known as the Configuration utility, to execute arbitrary commands or access credentials without authentication.

The NCSC is aware of ongoing activity in relation to this vulnerability, including widespread exploitation of internet-accessible devices.

Recommendations

  • Restrict management interfaces such as TMUI so that they are accessible only from trusted networks.
  • Review logging and contact the NCSC if any unauthorised access is identified.

 
