cbcvebase.
CVE-2025-53868
published 2025-10-15

CVE-2025-53868: When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using…

high8.5CVSS 4.0
AVNACLATNPRHUINVCHVIHVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected

108 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip>= 15.1.0 < 15.1.10.815.1.10.8
f5big-ip>= 16.1.0 < 16.1.6.116.1.6.1
f5big-ip>= 17.1.0 < 17.1.3.117.1.3.1
f5big-ip>= 17.5.0 < 17.5.117.5.1
f5big-ip_aam
f5big-ip_access_policy_manager>= 15.1.0 < 15.1.10.815.1.10.8
f5big-ip_access_policy_manager>= 16.1.0 < 16.1.6.116.1.6.1
f5big-ip_access_policy_manager>= 17.1.0 < 17.1.317.1.3
f5big-ip_access_policy_manager17.5.0 – 17.5.1
f5big-ip_advanced_firewall_manager>= 15.1.0 < 15.1.10.815.1.10.8
f5big-ip_advanced_firewall_manager>= 16.1.0 < 16.1.6.116.1.6.1
f5big-ip_advanced_firewall_manager>= 17.1.0 < 17.1.317.1.3
f5big-ip_advanced_firewall_manager17.5.0 – 17.5.1
f5big-ip_advanced_waf
f5big-ip_advanced_web_application_firewall>= 15.1.0 < 15.1.10.815.1.10.8
f5big-ip_advanced_web_application_firewall>= 16.1.0 < 16.1.6.116.1.6.1
f5big-ip_advanced_web_application_firewall>= 17.1.0 < 17.1.317.1.3
f5big-ip_advanced_web_application_firewall17.5.0 – 17.5.1
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics>= 15.1.0 < 15.1.10.815.1.10.8
f5big-ip_analytics>= 16.1.0 < 16.1.6.116.1.6.1
f5big-ip_analytics>= 17.1.0 < 17.1.317.1.3
f5big-ip_analytics17.5.0 – 17.5.1
f5big-ip_apm