Don’t expose system services on traffic interfaces unless you have to, and make sure you have firewall rules in place to limit the exposure if so.
Don’t expose the management interface except to the most trusted access; and still apply firewall rules. 14.x forward, you can use AFM rules even without license/provisioning on the management interface https://support.f5.com/csp/article/K46122561
Patch BIG-IP to 13.1.5, 22.214.171.124, 126.96.36.199, 188.8.131.52. 17.0.0 is also not vulnerable, but I wouldn’t recommend a major upgrade as a patch-only operation. Too much risk under duress.
If you are on 11.x or 12.x, they both are EoL, 11.x as of yesterday and 12.x on the 18th, and they will not be fixed. So you can mitigate currently https://support.f5.com/csp/article/K23605346 BUT GET updated to a supported release, recommend 184.108.40.206 if you’re going to go through the effort!