Alert status MEDIUM The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability. CVE-2020-5902 allows an actor with access to Traffic Management User Interface (TMUI) to execute arbitrary system commands, create or delete files, disable services and/or execute arbitrary Java code. The ACSC strongly encourages users and administrators to review the F5 advisory for CVE-2020-5902 and update their systems promptly. Further information about CVE-2020-5902 is available on F5’s website. To report a cybercrime, visit ReportCyber Content complexity Moderate This rating relates to the complexity of the advice and information provided on the page.