CERT-EU 2025-10-15

2025-037: Multiple Vulnerabilities in F5 Products

Machine-generated analysis · WAYSCloud LLM

A nation-state actor accessed F5's source code and undisclosed vulnerability information. Patches were released on the same day as the disclosure.

Context

F5 produces BIG-IP, a widely used application delivery controller and traffic management system. The advisory indicates that an attacker gained access to F5's development environment and information about vulnerabilities before they were publicly known. Worth noting: the advisory states there is currently no known exploitation of these vulnerabilities.

Operator considerations

Check: Inventory all F5 BIG-IP instances for affected versions.
Patch: Apply the patches released by F5 on October 15, 2025.

From Computer Emergency Response Team for the EU institutions ↗

On October 15, 2025, F5 disclosed that a sophisticated nation-state actor breached its systems and maintained long-term persistent access into F5's infrastructure. This included access to BIG-IP product development source code and to information related to security vulnerabilities that had not yet been disclosed nor patched. F5 released patches on the same day to address the vulnerabilities.

There is currently no known exploitation of these vulnerabilities. CERT-EU strongly recommends to patch affected F5 products as soon as possible.

Read the full advisory on CERT-EU →