F5 Products Denial of Service Vulnerability

Release Date: 22 Apr 2025

RISK: High Risk

TYPE: Operating Systems - Networks OS

A vulnerability was identified in F5 Products, a remote attacker could exploit this vulnerabilities to trigger denial of service on the targeted system.

 

Note:

No patch is currently available for  CVE-2025-26466 of the affected products. Hence, the risk level is rated as High Risk.

---

Impact

• Denial of Service

---

System / Technologies affected

• BIG-IP Next (all modules) version 20.2.0 - 20.3.0
• BIG-IP Next Central Manager version 20.2.0 - 20.3.0

 

---

Solutions

Workaround:

Mitigate the vulnerability of attacks by following workaround:

 

For BIG-IP Next:

 

1. Restrict SSH access to trusted networks and users, and disable the f5-debug-sidecar container if it is not needed

For BIG-IP Next Central Manager:

 

1. Restrict SSH access to trusted networks and users

Please visit the vendor web-site for more details.

 

Apply workarounds issued by the vendor:

• https://my.f5.com/manage/s/article/K000150879

---

Vulnerability Identifier

• CVE-2025-26466

---

Source

• F5

---

Related Link

• https://my.f5.com/manage/s/article/K000141052