Severity
High
Analysis Summary
CVE-2025-41431 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when connection mirroring is configured on a virtual server.
CVE-2025-35995 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server.
CVE-2025-36525 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a BIG-IP APM virtual server is configured to use a PingAccess profile.
CVE-2025-41433 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server.
CVE-2025-41414 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when HTTP/2 client and server profile is configured on a virtual server.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2025-41431
- CVE-2025-35995
- CVE-2025-36525
- CVE-2025-41433
- CVE-2025-41414
Affected Vendors
- F5
Affected Products
- F5 BIG-IP - 17.1.0
- F5 BIG-IP - 15.1.0
- F5 BIG-IP - 16.1.0
- F5 BIG-IP Next SPK - 1.8.0
- F5 BIG-IP Next SPK - 1.7.0
- F5 BIG-IP Next CNF - 1.1.0
Remediation
Refer to F5 Security Advisory for patch, upgrade, or suggested workaround information.