CVE-2025-53521

CVSS: 9.3 (CRITICAL)
EPSS: 41.4% (97th percentile)
CISA KEV: listed
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages (1 package)

Source: NVD
Vendor / product: f5 / big-ip_access_policy_manager
Versions: 15.1.0 through 15.1.10.8 (+3)
Description: When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

🔴 Vulnerability Details (2)

CVEList: BigIP APM Vulnerability (2025-10-15)
VulnCheck: F5 BIG-IP Stack-Based Buffer Overflow Vulnerability (2025)

📋 Vendor Advisories (2)

CISA: F5 BIG-IP Stack-Based Buffer Overflow Vulnerability (2026-03-27)
F5: CVE-2025-53521: When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code... (2025-10-15)

🕵️ Threat Intelligence (4)

Bleepingcomputer: Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks (2026-04-02)
Bleepingcomputer: Hackers exploiting critical F5 BIG-IP flaw in attacks, patch now (2026-03-30)
Hackernews: CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation (2026-03-28)
Blog: CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation (2026-03-28)