BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring. (CVE-2020-5885)
Impact
On-path attackers may be able to read and modify the keys used for EXPORT-based cipher suites. Only HA pairs with session mirroring or connection mirroring enabled are vulnerable.