The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. This vulnerability, identified as CVE-2025-53521, affects F5 BIG-IP Access Policy Manager (APM) and has a CVSS v4 score of 9.3.

CVE-2025-53521 is a severe security flaw that could allow threat actors to achieve remote code execution on vulnerable systems. This level of access can lead to a range of malicious activities, from data theft to system compromise.

The addition of CVE-2025-53521 to the KEV catalog by CISA underscores the urgency of addressing this vulnerability. It serves as a warning to organizations using F5 BIG-IP APM to prioritize patching and mitigation efforts to protect against potential attacks.

Organizations are advised to review the CISA advisory and apply the necessary patches or workarounds to secure their systems. Given the active exploitation of CVE-2025-53521, prompt action is crucial to prevent falling victim to these attacks.

CISA’s KEV catalog is a valuable resource for organizations seeking to stay ahead of emerging threats. By monitoring this catalog and taking proactive measures, organizations can significantly reduce their exposure to known exploited vulnerabilities like CVE-2025-53521.
