Critical F5 BIG-IP Vulnerability CVE-2025-53521 Exploited in the Wild, CISA Issues Emergency Patch Directive
CISA has added a critical F5 BIG-IP vulnerability (CVE-2025-53521) to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch within three days after threat actors were observed actively exploiting the flaw in the wild.
Key Points
- CVE-2025-53521 upgraded from DoS to RCE with CVSS 9.3 (critical severity)
- CISA added vulnerability to KEV catalog with 3-day patching deadline for federal agencies
- Affects BIG-IP APM systems with access policy configured on virtual servers
- Active exploitation confirmed in the wild by threat actors
Full Details
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Friday that threat actors are actively exploiting a critical-severity vulnerability in F5 BIG-IP devices. Tracked as CVE-2025-53521 with a CVSS score of 9.3, the flaw was originally disclosed in October 2025 as a high-severity denial-of-service issue but was reclassified as a remote code execution vulnerability last week after further analysis revealed its true severity. F5 has updated its advisory to reflect the bug's critical status, noting that attackers can exploit it on BIG-IP APM systems that have an access policy configured on a virtual server. CISA added the CVE to its KEV catalog and mandated that federal agencies patch the vulnerability within three days, indicating the urgency of the threat. The vulnerability affects organizations running BIG-IP APM with specific configurations, and security researchers have confirmed in-the-wild exploitation is occurring.
Why It Matters
The rapid reclassification from DoS to RCE demonstrates how initial vulnerability assessments can underestimate true impact. Organizations using F5 BIG-IP should prioritize patching immediately as threat actors are actively exploiting this flaw.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
One Month Into Iran War: Global Economy Faces Major Disruptions
One month after the US and Israeli war on Iran began, the global economy is experiencing the largest supply disruption in oil market history, with cascading effects on inflation, air travel, food prices, and even semiconductor chip production.
AI Targeting Systems in Iran Conflict Raise 'Cold War' Concerns
Reports confirm Palantir's AI targeting systems used in Ukraine are now being integrated into Iranian drone operations, sparking concerns about an emerging AI arms race and ethical questions about autonomous warfare.
G7 Policymakers Hold Crisis Talks as Iran-Russia War Roils Global Economy
Top western G7 policymakers convened emergency discussions to address the economic turmoil caused by the ongoing Iran-Russia war, as the conflict continues to strain global supply chains and markets.
WTO E-Commerce Duties Moratorium Expires as Global Trade Talks Stall
The global moratorium on customs duties for digital downloads and streaming has expired after WTO ministers in Yaoundé, Cameroon failed to reach an extension agreement, with talks now moving to Geneva.