CVE-2025-61955

Summary

A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges.  A successful exploit may allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Software

VendorProductVersion RangeStatus
F5F5OS - Appliance1.8.0 < 1.8.3affected
F5F5OS - Appliance1.5.0 < 1.5.4affected
F5F5OS - Chassis1.8.0 < 1.8.2affected
F5F5OS - Chassis1.6.0 < 1.6.4affected

Weaknesses

  • CWE-95: CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References