[ SB 20.24 ] RCE in F5's BIG-IP Management Interface (CVE-2020-5902)

Critical and high-severity vulnerabilities in F5's BIG-IP appliance allow a remote attacker to take complete control of the targeted system (remote code execution, RCE).

CVE-2020-5902 has a CVSS score of 10.

The problem lies in the administrative interface, the Traffic Management User Interface (TMUI), which can be trivially exploited when it is exposed.

Update 2020-07-07: The mitigations F5 describes in their article can be bypassed. We have multiple confirmations of this, including active exploitation observed in logs.

Around 8,500 devices can be found exposed online.

Updates over the weekend:

Exploits have been released and mass exploitation has started. Every device that was still unpatched by 2020-07-05, 16:00 CET should be considered compromised.


Fragen? Kontakt: info@zero.bs