CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Vulnerability in F5 BIG-IP Access Policy Manager (March 31, 2026)

unknownknown exploitedCVE-2025-53521
Actively exploited. At least one CVE in this advisory is listed in the CISA Known Exploited Vulnerabilities catalog — exploitation has been observed in the wild. Treat remediation as urgent.
On October 15, 2025, F5 published a security notice regarding, among other things, the vulnerability CVE-2025-53521. This affects BIG-IP APM and allows an unauthenticated attacker to execute code remotely. On March 29, 2026, the vendor indicates that this vulnerability is actively being exploited. The...

CSIRTS triage

What
F5 BIG-IP APM allows an unauthenticated attacker to execute code remotely.
Who is affected
Deployments of F5 BIG-IP APM.
Urgency
Remediation is urgent due to active exploitation.
Action
Apply the security updates provided by F5.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch BIG-IP Access Policy Manager

Get an email when a new BIG-IP Access Policy Manager advisory drops — max one per day, one-click unsubscribe.

Details

Source
CERT-FR Alertes de sécurité (FR · national-cert · site)
Severity
unknown
Published
2026-03-31
Exploitation
Observed in the wild (CISA KEV)
Language
Machine-translated to English — verify against the original

Original advisory: https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-004/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2025-53521coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from CERT-FR Alertes de sécurité