Serial number: AV25-669
Date: October 15, 2025
On October 15, 2025, F5 published a security advisory to address vulnerabilities in the following products:
- BIG-IP (all modules) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP AFM – version 17.5.0, versions 17.1.0 to 17.1.2, versions 15.1.0 to 15.1.10
- BIG-IP APM – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP APM, APM with SWG, SSL Orchestrator, SSL Orchestrator with SWG – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP ASM – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5
- BIG-IP Advanced WAF/ASM – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP Next CNF – versions 2.0.0 to 2.1.0, versions 1.1.0 to 1.4.1
- BIG-IP Next SPK – versions 2.0.0 to 2.1.0, versions 1.7.0 to 1.9.2
- BIG-IP Next for Kubernetes – versions 2.0.0 to 2.1.0
- BIG-IP PEM – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP SSL Orchestrator – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, versions 15.1.0 to 15.1.10
- F5OS-A – versions 1.8.0 to 1.8.1, versions 1.5.1 to 1.5.3
- F5OS-C – version 1.8.0 to 1.8.1, versions 1.6.0 to 1.6.2
- NGINX App Protect WAF – versions 4.5.0 to 4.6.0
On October 15, 2025, F5 also published security incident K000154696 advising that threat actors exfiltrated files from BIG-IP products and they are not aware of active exploitation of any undisclosed F5 vulnerabilities.
The Cyber Centre encourages users/administrators to review the links provided below, to identify F5 BIG-IP products, evaluate and address any potential compromise on any networked managed interface exposed to the public internet and apply F5 security updates.