Alerts
Multiple High-Severity Vulnerabilities Affecting F5 Products
17 October 2025
F5 has released security updates addressing multiple high-severity vulnerabilities in their systems, including their BIG-IP development and engineering knowledge platforms.
Background
F5 has released security updates addressing multiple high-severity vulnerabilities following a security incident that occurred in their systems, including their BIG-IP development and engineering knowledge platforms.
Impact
Successful exploitation of vulnerable BIG-IP appliances could allow attackers to steal credentials and Application Programming Interface (API) keys, move laterally within targets' networks, steal sensitive data, and establish persistence on compromised devices.
Affected Products
The vulnerabilities affect the following products:
Affected products | Affected versions |
BIG-IP (all modules) | 17.5.0 - 17.5.1 |
17.1.0 - 17.1.2 | |
16.1.0 - 16.1.6 | |
15.1.0 - 15.1.10 | |
F5OS-C | 1.8.0 - 1.8.1 |
1.6.0 - 1.6.2 | |
F5OS-A | 1.8.03 |
1.5.1 - 1.5.3 | |
BIG-IP Next SPK | 2.0.0 - 2.0.2 |
1.7.0 - 1.9.2 | |
BIG-IP SSL Orchestrator | 17.5.0 |
17.1.0 - 17.1.2 | |
16.1.0 - 16.1.3 | |
15.1.0 - 15.1.9 | |
BIG-IP ASM | 17.1.0 - 17.1.2 |
16.1.0 - 16.1.5 | |
BIG-IP PEM | 17.5.0 |
17.1.0 - 17.1.2 | |
16.1.0 - 16.1.6 | |
15.1.0 - 15.1.10 | |
BIG-IP Next CNF | 2.0.0 - 2.1.0 |
1.1.0 - 1.4.1 | |
BIG-IP Next for Kubernetes | 2.0.0 - 2.1.0 |
BIG-IP AFM | 17.5.0 |
17.1.0 - 17.1.2 | |
15.1.0 - 15.1.10 | |
BIG-IP Advanced WAF/ASM | 17.5.0 - 17.5.1 |
17.1.0 - 17.1.2 | |
16.1.0 - 16.1.6 | |
15.1.0 - 15.1.10 | |
F5 Silverline (all services) | Not applicable |
Mitigation
Users and administrators of the affected products versions are strongly advised to update to the latest versions immediately.
References
https://my.f5.com/manage/s/article/K000154696
https://my.f5.com/manage/s/article/K000156572