Critical severity9.8CISA KEVNVD Advisory· Published Oct 15, 2025· Updated Apr 2, 2026
CVE-2025-53521
CVE-2025-53521
Description
When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE).
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- my.f5.com/manage/s/article/K000156741nvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.