Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, remote code execution, security restriction bypass and elevation of privilege on the targeted system.

Impact

- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Elevation of Privilege

System / Technologies affected

BIG-IP (all modules)
- version 16.1.0 - 16.1.6
- version 17.1.0 - 17.1.3
- version 17.5.0 - 17.5.1
- version 21.0.0

BIG-IP APM
- version 16.1.0 - 16.1.6
- version 17.1.0 - 17.1.3
- version 17.5.0 - 17.5.1
- version 21.0.0

BIG-IP PEM
- version 16.1.0 - 16.1.6
- version 17.1.0 - 17.1.3
- version 17.5.0 - 17.5.1
- version 21.0.0

BIG-IP Advanced WAF/ASM
- version 16.1.0 - 16.1.6
- version 17.1.0 - 17.1.3
- version 17.5.0 - 17.5.1
- version 21.0.0

BIG-IP Advanced WAF/ASM and BIG-IP DDoS Hybrid Defender
- version 16.1.0 - 16.1.6
- version 17.1.0 - 17.1.3
- version 17.5.0 - 17.5.1

BIG-IQ Centralized Management
- version 8.4.0 - 8.4.1

BIG-IP Next CNF
- version 1.1.0 - 1.4.1
- version 2.0.0 - 2.2.1

BIG-IP Next SPK
- version 1.7.0 - 1.9.2
- version 2.0.0 - 2.0.3

BIG-IP Next for Kubernetes
- version 2.0.0 - 2.1.1

Solutions

Before installation of the software, please visit the vendor website for more details.

Apply fixes issued by the vendor:

- https://my.f5.com/manage/s/article/K000156761
- https://my.f5.com/manage/s/article/K000158038
- https://my.f5.com/manage/s/article/K000158082
- https://my.f5.com/manage/s/article/K000158978
- https://my.f5.com/manage/s/article/K000158979
- https://my.f5.com/manage/s/article/K000159034
- https://my.f5.com/manage/s/article/K000160727
- https://my.f5.com/manage/s/article/K000160874
- https://my.f5.com/manage/s/article/K000160875
- https://my.f5.com/manage/s/article/K000160901
- https://my.f5.com/manage/s/article/K000160945
- https://my.f5.com/manage/s/article/K000160971
- https://my.f5.com/manage/s/article/K000160972
- https://my.f5.com/manage/s/article/K000160975
- https://my.f5.com/manage/s/article/K000160979
- https://my.f5.com/manage/s/article/K000161023
- https://my.f5.com/manage/s/article/K000161040
- https://my.f5.com/manage/s/article/K000161056
- https://my.f5.com/manage/s/article/K000161107

Multiple critical vulnerabilities affecting a wide range of F5 products, including BIG-IP, BIG-IQ, and BIG-IP Next, allow a remote attacker to potentially cause denial of service, execute remote code, bypass security restrictions, or escalate privileges. The impacted versions span numerous major releases, specifically versions 16.1.0 through 16.1.6, 17.1.0 through 17.1.3, 17.5.0 through 17.5.1, and 21.0.0 for core modules, with additional specific version ranges for other product lines. Administrators must immediately apply the fixes provided by F5 via the multiple referenced knowledge base articles, as no workarounds are mentioned in the advisory.