The decisive certificate vulnerability , make out as CVE-2020 - 5902 , tolerate an aggressor access the merchandise ’s Traffic Management User Interface ( TMUI ) conformation feature article to pose parole and former sore datum , tap traffic , and accomplish arbitrary codification or program line , lead in the gimmick being completely compromise . The trouble was foretell July 1 . At the clock of revelation , Positive Technologies reported that thousand of vulnerable device were bring out to the cyberspace , admit many in the United States , whose employee were praise with reveal the vulnerability to F5 , . A few daylight later a validation - of – concept feat ( PoC ) was unloosen , and the for the first time seek at exploitation were spot on July 5 . F5 , which go forth a darn before disclosure , tell apart client to make bold that if they have betray to establish the bandage for CVE-2020 - 5902 their scheme have been compromise . Since July 6 , CISA enjoin government department and delegacy have escort scan and supervise activeness link with this bug . The authority inquire respective potency break result from overwork this vulnerability , admit against U.S. politics and commercial message constitution , and it has confirm two case where organisation have been compromise to go steady . CISA has barrack constitution to update their BIG - informatics Cartesian product straight off , and should human activity swiftly if they determine manifest of assail . In the case of a break , the agency ’s passport admit reimaging compromise innkeeper , reset accounting parole , circumscribe admission to the vulnerable direction interface and put through web sectionalisation to forestall the aggressor from make a motion laterally within the electronic network .