F5 Networks, a provider of networking devices and services, urges users to patch their BIG-IP networking systems as soon as possible, after the provider disclosed two vulnerabilities. First of these is CVE-2020-5902, a critical remote code execution (RCE) vulnerability found in BIG-IP device’s Traffic Management User Interface (TMUI).
CVE-2020-5902 received a 10 out of 10 score on the Common Vulnerability Scoring System (CVSS) v3.0 vulnerability severity scale. After this vulnerability was made public, threat actors were quick to take advantage of it by launching attacks on the impacted devices, as spotted by NCC Group security researcher Rich Warren.
Read more…
Source: Trend Micro