cve detail
CVE-2025-53521
naam
F5 BIG-IP Stack-Based Buffer Overflow Vulnerability
F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.
KEV
bekend misbruikt
EPSS
7,5%
percentiel
92%
vendor
F5
product
BIG-IP
toegevoegd aan KEV
27 mrt 2026
due date
30 mrt 2026
ransomware
Unknown
CWE
CWE-121
EPSS datum
12 mei 2026
aanbevolen actie
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
notities
Please adhere to F5’s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521