F5 BIG-IP Application Acceleration Manager vulnerabilities

485 known vulnerabilities affecting f5/big-ip_application_acceleration_manager.

Total CVEs: 485
CISA KEV: 11 (actively exploited)
Public exploits: 18
Exploited in wild: 11
Severity breakdown: CRITICAL 36, HIGH 274, MEDIUM 170, LOW 5

Vulnerabilities

Page 1 of 25
CVE-2026-20732 | LOW | CVSS 2.3 | ≥ 16.1.0, ≤ 16.1.6; ≥ 17.1.0, < 17.1.3.1; +1 more | 2026-02-04
CWE-451: A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-46706 | HIGH | CVSS 8.7 | ≥ 16.1.0, < 16.1.6; ≥ 17.1.0, < 17.1.2.2 | 2025-10-15
CWE-770: When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-59481 | HIGH | CVSS 8.5 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-250: A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with at least resource administrator role to execute arbitrary system commands with higher privileges. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached
nvd
CVE-2025-61990 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-415: When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-48008 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6 | 2025-10-15
CWE-416: When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-59483 | HIGH | CVSS 8.5 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-73: A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-53474 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.1.0.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-120: When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-58153 | HIGH | CVSS 8.2 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +1 more | 2025-10-15
CWE-667: Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-53868 | HIGH | CVSS 8.5 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-78: When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-61951 | HIGH | CVSS 8.7 | ≥ 16.1.0, < 16.1.6.1; ≥ 17.1.0, < 17.1.3; +1 more | 2025-10-15
CWE-125: Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the backend server is enabled with DTLS 1.2 and client authen
nvd
CVE-2025-53856 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-705: When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity Acceleration (ePVA) feature, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. To determine which BIG-IP platforms have an ePVA chip refer to K12837: Overview of the e
nvd
CVE-2025-59269 | HIGH | CVSS 8.4 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-79: A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-58096 | HIGH | CVSS 8.2 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-787: When the database variable tm.tcpudptxchecksum is configured as non-default value Software-only on a BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-59781 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6; +1 more | 2025-10-15
CWE-459: When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-61958 | HIGH | CVSS 8.5 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-250: A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reache
nvd
CVE-2025-58071 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-457: When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-59268 | MEDIUM | CVSS 6.9 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-201: On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-58424 | MEDIUM | CVSS 6.3 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6; +1 more | 2025-10-15
CWE-340: On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-54755 | MEDIUM | CVSS 6.9 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6.1; +2 more | 2025-10-15
CWE-22: A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated attacker to access files which are not limited to the intended files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2025-52585 | HIGH | CVSS 8.7 | ≥ 15.1.0, < 15.1.10.8; ≥ 16.1.0, < 16.1.6; +1 more | 2025-08-13
CWE-476: When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd