CVE-2025-53860

CWE-2144 documents4 sources
Severity
5.6MEDIUM
EPSS
0.0%
top 96.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
F5 F5os - ApplianceF5 F5os-a
Timeline
PublishedOct 15

Description

A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive FIPS hardware security module (HSM) information on F5 rSeries systems. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

NVDf5/f5os-a1.5.11.5.3+1
CVEListV5f5/f5os_-_appliance1.8.01.8.3+1

🔴Vulnerability Details

2
CVEList
F5OS-A FIPS HSM vulnerability2025-10-15
GHSA
GHSA-8823-9q64-85pj: A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive FIPS hardware security module (HS2025-10-15

📋Vendor Advisories

1
F5
CVE-2025-53860: A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive ...2025-10-15
CVE-2025-53860 (MEDIUM CVSS 5.6) | A vulnerability exists in F5OS-A so | cvebase.io