Date: Oct 30, 2023
Time: 12:30 pm NZST
F5 has publicly released a security advisory relating to a critical vulnerability in the BIG-IP appliance that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self-IP addresses to execute arbitrary system commands.
Management access to all RedShield service components is provided to only trusted users; these connections require multi-factor authentication and occur over a secure network; management interfaces are therefore, not publicly available.
Furthermore, we have prioritised platform upgrades for the affected systems, these have started today and will complete by 3rd November.
We continuously monitor a range of sources for notifications of this type and will continue to take proactive steps to address such findings in any situation where our infrastructure could potentially be impacted.