CVE-2025-53521: F5 BIG-IP Unspecified Vulnerability

CVE ID

CVE-2025-53521

Vulnerability Name

F5 BIG-IP Unspecified Vulnerability

• Project: F5
• Product: BIG-IP

Date

• Date Added: 2026-03-27
• Due Date: 2026-03-30

Description

F5 BIG-IP APM contains an unspecified vulnerability that could allow a threat actor to achieve remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

Please adhere to F5’s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521

Related Security News

• Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)
• CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List