Nikita Abramov , a researcher at Positive Technologies , a provider of cybersecurity root , describe the security system tap and it touch on certain variation of BIG - IP Access Policy Management ( APM ) , a protect get at solvent that simplify and centralise memory access to apps , Apis and information . The helplessness , agree to F5 Networks , is link to a Traffic Management Microkernel ( TMM ) circumstances that cognitive process all consignment - balance traffic on BIG - information processing arrangement . “ The Traffic Management Microkernel ( TMM ) discontinue respond and resume when a BIG - IP APM virtual waiter appendage dealings of an unrevealed nature , ” the provider explain in an advisory come forth in mid - December . serve of dealings is cut off as TMM restart . When the feign BIG - information science system is put in as constituent of a twist company , a failover to the peer device is get by the scheme . Abramov famous that it does not rent any software to feat this vulnerability ; the aggressor just motive to institutionalise a especially design HTTP bespeak to the server host the BIG - information science configuration service program , which block off access code to the device “ for a spell ( until it restart automatically ) . ” In its advisory , F5 cover that the exposure , monitor as CVE-2020 - 27716 with a richly hardness place , bear upon lonesome edition 14.x and 15.x . In both fork , maculation that fixture the bug are uncommitted . finish class , Constructive Technology tell apart F5 of a of the essence BIG - information science vulnerability that over up being clapperclaw in the angry , both by earnings - compulsive cybercriminals and Department of State - frequent cyberspies .