"This vulnerability allows an unauthenticated attacker to perform remote code execution. The BIG-IP system in Appliance mode is also vulnerable. This is a data plane issue; there is no control plane exposure."
"We have learned that this vulnerability has been exploited in the vulnerable BIG-IP versions. The original CVE remediation has been validated to address the RCE in the fixed versions."
"CISA added the CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it within three days."
"Indicators of compromise associated with the malicious activity targeting vulnerable BIG-IP systems include the presence of rogue files, mismatches in file hashes, and specific log entries."
CISA has issued a warning regarding the exploitation of a critical vulnerability in F5 BIG-IP systems, tracked as CVE-2025-53521. Initially disclosed as a denial-of-service issue, it has been reclassified as a remote code execution vulnerability. Affected versions include BIG-IP APM versions 17.5.0 - 17.5.1, 17.1.0 - 17.1.2, 16.1.0 - 16.1.6, and 15.1.0 - 15.1.10. Organizations are urged to patch the vulnerability within three days, and F5 has provided indicators of compromise related to the exploitation.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]