Security updates F5 BIG-IP: Attackers can disable network traffic

If attackers successfully exploit vulnerabilities in BIG-IP appliances such as Advanced WAF/ASM or APM, they can cause crashes or view protected data. Secured versions are available for download. So far, there are no reports of attacks.

Crashes and data leaks

A vulnerability (CVE-2026-22548 “high”) in BIG-IP Advanced WAF/ASM is considered the most dangerous. As a warning notice indicates, remote DoS attacks are possible without authentication. This causes the bd process to crash, leading to an interruption of network traffic. The developers are not currently detailing how such an attack could occur. However, version 17.1.3 is equipped to handle this.

The remaining vulnerabilities are mostly classified as “low” in terms of threat level. After successful attacks, attackers can access sensitive data that should be isolated, for example, in the context of BIG-IP APM and APM Clients (CVE-2026-20730). Admins can find more information about the vulnerabilities and security updates in the linked warning notices.

• BIG-IP Advanced WAF and ASM vulnerability CVE-2026-22548
• BIG-IP Container Ingress Services vulnerability CVE-2026-22549
• BIG-IP Configuration utility vulnerability CVE-2026-20732
• BIG-IP Edge Client for Windows vulnerability CVE-2026-20730

(des)