F5 has released a fix for a critical-severity, unauthenticated remote code execution flaw in several versions of its BIG-IP security appliances. The flaw (CVE-2023-46747) exists in the configuration utility of BIG-IP, and according to F5, certain (undisclosed) requests could enable attackers to bypass authentication methods for the utility, enabling them to potentially gain administrative privileges. The bug has a CVSS v3 score of 9.8 out of 10. “This vulnerability may allow an unauthenticate...