The company warned that the vulnerability enables an unauthenticated attacker on the BIG-IP system to run arbitrary system commands, create or delete files, or disable services.