Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...
Bleeping Computer

F5 releases BIG-IP patches for stolen security vulnerabilities

Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. The company disclosed today that state hackers breached its ...
Dark Reading

F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation

A critical security vulnerability in F5's BIG-IP application security product line, which was first disclosed in October as a high-severity denial-of-service (DoS) flaw, is under active exploitation ...
Threat Post

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10. Application service provider F5 is warning a critical vulnerability allows unauthenticated hackers with network access to ...
ZDNet

F5 issues BIG-IP patches to tackle unauthenticated remote code execution, critical flaws

F5 Networks has pushed out patches to tackle four critical vulnerabilities in BIG-IP, one of which can be exploited for unauthenticated remote code execution (RCE) attacks. The enterprise networking ...
Threat Post

F5 Big-IP Vulnerable to Security-Bypass Bug

The KDC-spoofing flaw tracked as CVE-2021-23008 can be used to bypass Kerberos security and sign into the Big-IP Access Policy Manager or admin console. F5 Networks’ Big-IP Application Delivery ...
heise online

F5 BIG-IP: Attackers can bypass restrictions through access controls

Attackers can exploit a vulnerability in the F5 BIG-IP appliances to extend their rights and manipulate the configuration. This could compromise the BIG-IP system, the manufacturer warns. According to ...