Unrated severityNVD Advisory· Published Oct 15, 2025· Updated Feb 26, 2026
BIG-IP PEM vulnerability
CVE-2025-54479
Description
When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected products
3- F5/BIG-IPv5Range: 17.5.0
- F5/BIG-IP Next CNFv5Range: 2.0.0
- F5/BIG-IP Next for Kubernetesv5Range: 2.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- my.f5.com/manage/s/article/K000151475mitrevendor-advisory
News mentions
0No linked articles in our index yet.