F5 Released Security Updates Covering Multiple Products Following Recent Hack

Posted on By CWS

F5 Networks, a number one supplier of software safety and supply options, has disclosed a big safety breach involving a nation-state menace actor, prompting the discharge of important updates for its core merchandise.

Detected in August 2025, the incident uncovered inside techniques to extended unauthorized entry, resulting in the theft of BIG-IP supply code and undisclosed vulnerability information.

In response, F5 has rolled out patches throughout BIG-IP, F5OS, BIG-IQ, APM purchasers, and BIG-IP Subsequent for Kubernetes to safeguard clients amid heightened dangers.

The intrusion got here to gentle on August 9, 2025, when F5 recognized suspicious exercise inside its BIG-IP product growth setting and engineering information platforms.

The superior adversary maintained persistent entry, exfiltrating delicate recordsdata together with parts of supply code and configuration particulars for a restricted variety of clients.

No proof suggests alterations to the software program provide chain or impacts on manufacturing techniques, however the stolen mental property raises issues about potential zero-day exploits concentrating on unpatched deployments.

F5 swiftly contained the menace by complete measures, halting additional unauthorized actions and confirming no ongoing intrusions.

The corporate enlisted high cybersecurity companies like CrowdStrike and Mandiant for investigation help, whereas collaborating with legislation enforcement and authorities businesses.

This proactive stance aligns with F5’s vulnerability administration practices, now intensified to bolster enterprise and product safety postures.

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) responded with Emergency Directive ED 26-01, mandating federal businesses to patch and isolate affected F5 property instantly.

F5 Safety Updates

On October 15, 2025, F5 printed its Quarterly Safety Notification, detailing 44 vulnerabilities addressed within the newest releases, many tied to the breach’s implications.

Excessive-severity CVEs dominate, with scores as much as 8.7 beneath CVSS v3.1, affecting parts like SCP/SFTP in BIG-IP (CVE-2025-53868) and F5OS platforms (CVE-2025-61955).

These flaws allow potential denial-of-service, privilege escalation, and distant code execution, notably in equipment modes the place dangers escalate.

Medium and low-risk points embody iControl REST vulnerabilities (CVE-2025-59481) and configuration utility exposures, mounted in variations comparable to BIG-IP 17.5.1.3 and F5OS-C 1.8.2.

Excessive Severity Vulnerabilities

CVE IDCVSS Rating (v3.1 / v4.0)Affected ProductsAffected VersionsFixes Launched InCVE-2025-53868​8.7 / 8.5BIG-IP (all modules)17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61955​7.8 (commonplace) / 8.8 (equipment) / 8.5F5OS-A, F5OS-CF5OS-A: 1.8.0^3, 1.5.1-1.5.3; F5OS-C: 1.8.0-1.8.1, 1.6.0-1.6.2^3F5OS-A: 1.8.3, 1.5.4; F5OS-C: 1.8.2, 1.6.4CVE-2025-57780​7.8 (commonplace) / 8.8 (equipment) / 8.5F5OS-A, F5OS-CF5OS-A: 1.8.0^3, 1.5.1-1.5.3; F5OS-C: 1.8.0-1.8.1, 1.6.0-1.6.2^3F5OS-A: 1.8.3, 1.5.4; F5OS-C: 1.8.2, 1.6.4CVE-2025-60016​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent SPK, BIG-IP Subsequent CNFBIG-IP: 17.1.0-17.1.1; Subsequent SPK: 1.7.0-1.9.2; Subsequent CNF: 1.1.0-1.3.3BIG-IP: 17.1.2; Subsequent SPK: 2.0.0; Subsequent CNF: 2.0.0, 1.4.0CVE-2025-48008​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent SPK, BIG-IP Subsequent CNFBIG-IP: 17.1.0-17.1.2, 16.1.0-16.1.5, 15.1.0-15.1.10; Subsequent SPK: 1.7.0-1.9.2; Subsequent CNF: 1.1.0-1.4.1BIG-IP: 17.1.2.2, 16.1.6, 15.1.10.8; Subsequent SPK: None; Subsequent CNF: NoneCVE-2025-59781​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent CNFBIG-IP: 17.1.0-17.1.2, 16.1.0-16.1.5, 15.1.0-15.1.10; Subsequent CNF: 1.1.0-1.4.0BIG-IP: 17.1.2.2, 16.1.6, 15.1.10.8; Subsequent CNF: 1.4.0 EHF-3^4CVE-2025-41430​7.5 / 8.7BIG-IP SSL Orchestrator17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.3, 15.1.0-15.1.917.5.1, 17.1.3, 16.1.4CVE-2025-55669​7.5 / 8.7BIG-IP ASM17.1.0-17.1.2, 16.1.0-16.1.517.1.2.2, 16.1.6CVE-2025-61951​7.5 / 8.7BIG-IP (all modules)17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.617.5.1, 17.1.3, 16.1.6.1CVE-2025-55036​7.5 / 8.7BIG-IP SSL Orchestrator17.1.0-17.1.2, 16.1.0-16.1.5, 15.1.0-15.1.1017.1.3, 16.1.6, 15.1.10.8CVE-2025-54479​7.5 / 8.7BIG-IP PEM, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesBIG-IP PEM: 17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.10; Subsequent CNF: 2.0.0-2.1.0, 1.1.0-1.4.0; Subsequent K8s: 2.0.0-2.1.0BIG-IP PEM: 17.5.1, 17.1.3, 16.1.6.1, 15.1.10.8; Subsequent CNF: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.4.0 EHF-3^4; Subsequent K8s: 2.1.0 EHF-2^4CVE-2025-46706​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent SPK, BIG-IP Subsequent CNFBIG-IP: 17.1.0-17.1.2, 16.1.0-16.1.5; Subsequent SPK: 1.7.0-1.9.2; Subsequent CNF: 1.1.0-1.4.1BIG-IP: 17.1.2.2, 16.1.6; Subsequent SPK: 2.0.0, 1.7.14 EHF-2^4; Subsequent CNF: 2.0.0, 1.4.0 EHF-3^4CVE-2025-59478​7.5 / 8.7BIG-IP AFM17.5.0, 17.1.0-17.1.2, 15.1.0-15.1.1017.5.1, 17.1.3, 15.1.10.8CVE-2025-61938​7.5 / 8.7BIG-IP Superior WAF/ASM17.5.0, 17.1.0-17.1.217.5.1, 17.1.3CVE-2025-54858​7.5 / 8.7BIG-IP Superior WAF/ASM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-58120​7.5 / 8.7BIG-IP Subsequent SPK, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesNext SPK: 2.0.0, 1.7.0-1.7.14; Subsequent CNF: 2.0.0, 1.1.0-1.4.1; Subsequent K8s: 2.0.0Next SPK: 2.0.1, 1.7.14 EHF-2^4; Subsequent CNF: 2.0.1; Subsequent K8s: 2.1.0CVE-2025-53856​7.5 / 8.7BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61974​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent SPK, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesBIG-IP: 17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.10; Subsequent SPK: 2.0.0-2.0.2, 1.7.0-1.9.2; Subsequent CNF: 2.0.0-2.1.0, 1.1.0-1.4.1; Subsequent K8s: 2.0.0-2.1.0BIG-IP: 17.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8; Subsequent SPK: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.7.14 EHF-2^4; Subsequent CNF: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.4.0 EHF-3^4; Subsequent K8s: 2.1.0 EHF-1^4CVE-2025-58071​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesBIG-IP: 17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.10; Subsequent CNF: 2.0.0-2.1.0, 1.1.0-1.4.1; Subsequent K8s: 2.0.0-2.1.0BIG-IP: 17.5.1, 17.1.3, 16.1.6.1, 15.1.10.8; Subsequent CNF: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.4.0 EHF-3^4; Subsequent K8s: 2.1.0 EHF-1^4CVE-2025-53521​7.5 / 8.7BIG-IP APM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61960​7.5 / 8.7BIG-IP APM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.617.5.1.3, 17.1.3, 16.1.6.1CVE-2025-54854​7.5 / 8.7BIG-IP APM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-53474​7.5 / 8.7BIG-IP APM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61990​7.5 / 8.7BIG-IP (all modules), BIG-IP Subsequent SPK, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesBIG-IP: 17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.10; Subsequent SPK: 2.0.0-2.0.2, 1.7.0-1.9.2; Subsequent CNF: 2.0.0-2.1.0, 1.1.0-1.4.1; Subsequent K8s: 2.0.0-2.1.0BIG-IP: 17.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8; Subsequent SPK: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.7.15 EHF-2^4; Subsequent CNF: 2.1.0 EHF-1^4, 2.0.2 EHF-2^4, 2.0.0 EHF-2^4, 1.4.0 EHF-3^4; Subsequent K8s: 2.1.0 EHF-1^4CVE-2025-58096​7.5 / 8.7BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61935​7.5 / 8.7BIG-IP Superior WAF/ASM17.5.0, 17.1.0-17.1.2, 15.1.0-15.1.1017.5.1, 17.1.3, 15.1.10.8CVE-2025-59778​7.5 / 7.7F5OS-C1.8.0-1.8.1, 1.6.0-1.6.2^31.8.2, 1.6.4

Medium Severity Vulnerabilities

CVE IDCVSS Rating (v3.1 / v4.0)Affected ProductsAffected VersionsFixes Launched InCVE-2025-59481​6.5 (commonplace) / 8.7 (equipment) / 8.5BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-61958​6.5 (commonplace) / 8.7 (equipment) / 8.5BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.1, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-47148​6.5 / 7.1BIG-IP APM, APM with SWG, SSL Orchestrator, SSL Orchestrator with SWG17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-47150​6.5 / 7.1F5OS-A, F5OS-CF5OS-A: 1.8.0-1.8.1^3, 1.5.1-1.5.2; F5OS-C: 1.6.0-1.6.2^3, 1.8.0F5OS-A: 1.8.3, 1.5.3; F5OS-C: 1.6.4CVE-2025-55670​6.5 / 7.1BIG-IP Subsequent SPK, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesNext SPK: 1.7.0-1.9.2; Subsequent CNF: 1.1.0-1.4.1; Subsequent K8s: 2.0.0Next SPK: None; Subsequent CNF: None; Subsequent K8s: 2.1.0CVE-2025-54805​6.5 / 6.0BIG-IP Subsequent SPK, BIG-IP Subsequent CNF, BIG-IP Subsequent for KubernetesNext SPK: 1.7.0-1.9.2; Subsequent CNF: 1.1.0-1.4.1; Subsequent K8s: 2.0.0Next SPK: 2.0.0; Subsequent CNF: 2.0.0; Subsequent K8s: 2.1.0CVE-2025-59269​6.1 / 8.4BIG-IP (all modules)17.5.0, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-58153​5.9 / 8.2BIG-IP (all modules)17.5.0, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1, 16.1.6.1, 15.1.10.8CVE-2025-60015​5.7 / 6.9F5OS-A, F5OS-CF5OS-A: 1.8.0^3, 1.5.1-1.5.3; F5OS-C: 1.8.0-1.8.1, 1.6.0-1.6.2^3F5OS-A: 1.8.3, 1.5.4; F5OS-C: 1.8.2, 1.6.4CVE-2025-59483​6.5 / 8.5BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-60013​5.7 / 4.6F5OS-A1.8.0^3, 1.5.1-1.5.31.8.3, 1.5.4CVE-2025-59268​5.3 / 6.9BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-58474 ​5.3 / 6.9BIG-IP Superior WAF/ASM, NGINX App Defend WAFBIG-IP: 17.1.0-17.1.1; NGINX: 4.5.0-4.6.0BIG-IP: 17.1.2; NGINX: 4.7.0CVE-2025-61933 ​6.1 / 5.1BIG-IP APM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-54755 ​4.9 / 6.9BIG-IP (all modules)17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.3, 17.1.3, 16.1.6.1, 15.1.10.8CVE-2025-53860 ​4.1 / 5.6F5OS-A1.8.0^3, 1.5.1-1.5.21.8.3, 1.5.3

Low Severity Vulnerabilities

CVE IDCVSS Rating (v3.1 / v4.0)Affected ProductsAffected VersionsFixes Launched InCVE-2025-58424 ​3.7 / 6.3BIG-IP (all modules), F5 Silverline (all companies)BIG-IP: 17.1.0-17.1.2, 16.1.0-16.1.5, 15.1.0-15.1.10; Silverline: N/ABIG-IP: 17.1.2.2^3, 16.1.6^3, 15.1.10.8^3; Silverline: N/A

Safety Exposures

Publicity IDAffected ProductsAffected VersionsFixes Launched InK000150010: BIG-IP AFM safety publicity ​BIG-IP AFM17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.1017.5.1.1, 17.1.3

BIG-IP Subsequent for Kubernetes receives focused hotfixes, like 2.1.0 EHF-14, to mitigate TMM and SSL/TLS weaknesses. Safety exposures in BIG-IP AFM are additionally resolved, emphasizing the necessity for swift upgrades throughout all supported variations.

F5 stresses that whereas no energetic exploitation of undisclosed flaws is understood, updating is important to stop lateral motion and information exfiltration in buyer networks.

Prospects ought to prioritize making use of these updates, enabling occasion streaming to SIEM instruments, and isolating administration interfaces from public entry.

Decommissioning end-of-life merchandise additional reduces publicity. F5’s transparency underscores the evolving nation-state threats, the place stolen code might gasoline refined assaults on important infrastructure.

By patching promptly, organizations can preserve sturdy defenses towards this and future incidents. For full particulars, discuss with F5’s official notification.

Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.
The submit F5 Launched Safety Updates Masking A number of Merchandise Following Current Hack appeared first on Cyber Safety Information.

Cyber Security News Tags:, , , , , ,

Related Posts

Identity and Access Management Trends Shaping 2025 Cyber Security News
New Phishing Attack Abusing Blob URLs to Bypass SEGs and Evade Analysis Cyber Security News
Hackers Allegedly Selling WinRAR 0-day Exploit on Dark Web Forums for $80,000 Cyber Security News
Detecting Lateral Movement in Windows-Based Network Infrastructures Cyber Security News
New Mic-E-Mouse Attack Let Hackers Exfiltrate Sensitive Data by Exploiting Mouse Sensors Cyber Security News
2/3 of Organizations Fear Identity Attacks, But Blind Spots Remain Cyber Security News