Request a Demo
Rewterz
RedLine Stealer – Active IOCs
October 17, 2025
Rewterz
ICS: Multiple Rockwell Automation Products Vulnerabilities
October 17, 2025

Multiple F5 Networks Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-57780 CVSS:8.8

F5 F5OS-A and F5OS-C could allow a local authenticated attacker to gain elevated privileges on the system, caused by an execution with unnecessary privileges flaw.

CVE-2025-41430 CVSS:7.5

F5 BIG-IP SSL Orchestrator is vulnerable to a denial of service, caused by a way to terminate Traffic Management Microkernel (TMM), when SSL Orchestrator is enabled.

CVE-2025-61955 CVSS:8.8

F5 F5OS-A and F5OS-C could allow a local authenticated attacker to gain elevated privileges on the system, caused by an Eval injection flaw.

CVE-2025-53868 CVSS:8.7

F5 BIG-IP could allow a remote authenticated attacker to bypass Appliance mode restrictions, caused by an undisclosed commands flaw when running in Appliance mode.

CVE-2025-61951 CVSS:7.5

F5 BIG-IP is vulnerable to a denial of service, caused by a way to terminate Traffic Management Microkernel (TMM), when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the backend server is enabled with DTLS 1.2 and client authentication.

CVE-2025-54479 CVSS:7.5

F5 BIG-IP is vulnerable to a denial of service, caused by a way to terminate Traffic Management Microkernel (TMM), when a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile.

Impact

  • Denial of Service
  • Security Bypass
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2025-57780
  • CVE-2025-41430
  • CVE-2025-61955
  • CVE-2025-53868
  • CVE-2025-61951
  • CVE-2025-54479

Affected Vendors

  • F5

Affected Products

  • F5 BIG-IP - 16.1.0 - 16.1.6
  • F5 BIG-IP - 15.1.0 - 15.1.10
  • F5 F5OS-A - 1.5.1 - 1.5.3 - 1.8.0
  • F5 F5OS-C - 1.6.0 - 1.6.2 - 1.8.0 - 1.8.1
  • F5 BIG-IP SSL Orchestrator - 17.1.0 - 17.1.2 -17.5.0
  • F5 BIG-IP SSL Orchestrator - 16.1.0 - 16.1.3
  • F5 BIG-IP SSL Orchestrator - 15.1.0 - 15.1.9
  • F5 BIG-IP - 17.1.0 - 17.1.2 - 17.5.0
  • F5 BIG-IP PEM - 17.1.0 - 17.1.2 - 17.5.0
  • F5 BIG-IP PEM - 16.1.0 - 16.1.6
  • F5 BIG-IP PEM - 15.1.0 - 15.1.10
  • F5 BIG-IP Next CNF - 2.0.0 - 2.0.1 - 2.0.2 - 2.1.0
  • F5 BIG-IP Next CNF - 1.1.0 - 1.4.0
  • F5 BIG-IP Next for Kubernetes - 2.0.0 - 2.1.0

Remediation

Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.

CVE-2025-57780

CVE-2025-41430

CVE-2025-61955

CVE-2025-53868

CVE-2025-61951

CVE-2025-54479