F5 Big-Ip Edge Client vulnerabilities
12 known vulnerabilities affecting f5/big-ip_edge_client.
Total CVEs
12
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7MEDIUM4LOW1
Vulnerabilities
Page 1 of 1
CVE-2026-20730LOWCVSS 2.0≥ 7.2.5, < 7.2.6.22026-02-04
CVE-2026-20730 [LOW] CWE-200 CVE-2026-20730: A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attac
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
cvelistv5nvd
CVE-2025-48500HIGHCVSS 7.0≥ 7.2.4, < 7.2.5.32025-08-13
CVE-2025-48500 [HIGH] CWE-353 CVE-2025-48500: A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that ma
A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2024-28883HIGHCVSS 7.4≥ 7.2.3, < 7.2.4.42024-05-08
CVE-2024-28883 [HIGH] CWE-346 CVE-2024-28883: An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
for
An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2023-43611HIGHCVSS 7.8≥ 7.2.3, < 7.2.4.42023-10-10
CVE-2023-43611 [HIGH] CWE-347 BIG-IP Edge Client for macOS vulnerability
BIG-IP Edge Client for macOS vulnerability
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
cvelistv5
CVE-2023-5450HIGHCVSS 7.8≥ 7.2.3, < 7.2.4.52023-10-10
CVE-2023-5450 [HIGH] CWE-345 CVE-2023-5450:
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2023-43125HIGHCVSS 8.2≥ 7.2.3, < *2023-09-27
CVE-2023-43125 [MEDIUM] CWE-319 CVE-2023-43125:
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which ha
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
cvelistv5nvd
CVE-2023-43124HIGHCVSS 7.1≥ 7.2.3, < *2023-09-27
CVE-2023-43124 [MEDIUM] CWE-319 CVE-2023-43124:
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which ha
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
cvelistv5nvd
CVE-2023-38418HIGHCVSS 7.8≥ 7.2.3, < 7.2.4.42023-08-02
CVE-2023-38418 [HIGH] CWE-347 CVE-2023-38418:
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges d
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2023-36858MEDIUMCVSS 5.5≥ 7.2.3, < 7.2.4.32023-08-02
CVE-2023-36858 [HIGH] CWE-345 CVE-2023-36858:
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and mac
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2023-24461MEDIUMCVSS 5.9≥ 7.2.2, < 7.2.4.12023-05-03
CVE-2023-24461 [HIGH] CWE-295 CVE-2023-24461:
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and m
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2023-22372MEDIUMCVSS 5.9≥ 7.2.2, < 7.2.4.12023-05-03
CVE-2023-22372 [MEDIUM] CWE-924 CVE-2023-22372:
In the pre connection stage, an improper enforcement of message integrity vulnerability exists in B
In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
cvelistv5nvd
CVE-2018-15316MEDIUMCVSS 5.5≥ 7101, ≤ 71602018-10-19
CVE-2018-15316 [MEDIUM] CVE-2018-15316: In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP A
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.
nvd