PT-2020-16790 · F5 · Big-Ip Advanced Waf/Asm

Published: 2020-12-24 · Updated: 2020-12-28 · CVE-2020-27728

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

BIG-IP ASM & Advanced WAF versions 14.1.0 through 14.1.3
BIG-IP ASM & Advanced WAF versions 15.1.0 through 15.1.0.5
BIG-IP ASM & Advanced WAF versions 16.0.0 through 16.0.0.1

Description

The Analytics, Visibility, and Reporting daemon (AVRD) may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices under certain conditions.

Recommendations

For BIG-IP ASM & Advanced WAF versions 14.1.0 through 14.1.3, consider updating to a version that fixes the issue.
For BIG-IP ASM & Advanced WAF versions 15.1.0 through 15.1.0.5, consider updating to a version that fixes the issue.
For BIG-IP ASM & Advanced WAF versions 16.0.0 through 16.0.0.1, consider updating to a version that fixes the issue.

As a temporary workaround, consider restricting the processing of requests from mobile devices to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2020-27728

Affected Products

Big-Ip Advanced Waf/Asm