Timeline

F5 BIG-IP Access Policy Manager

F5's access policy management module; CVE-2025-53521 reclassified to CVSS 9.8 unauthenticated RCE with 14,000+ internet-exposed instances at point of CISA KEV addition.

5 of 5 entries (2 events, 3 interactions)

Filters

EventsMentionsInteractions

#220 Apr

Mentioned in: CISA gives Cisco SD-WAN three days to patch

Cybersecurity: Threats and Defences

#128 Mar

Contained exploited unauthenticated RCE vulnerability with 14,000+ exposed instances at point of reclassification

Cybersecurity: Threats and Defences: F5 reclassifies DoS bug to 9.8 RCE

#128 Mar

Demonstrated by←

Shadowserver

“scanned exposed instances”

Cybersecurity: Threats and Defences · source event

#128 Mar

Ruled by←

CISA

“added to kev catalogue”

Cybersecurity: Threats and Defences · source event

#128 Mar

Stated by←

“reclassified vulnerability severity”

Cybersecurity: Threats and Defences · source event

← Back to F5 BIG-IP Access Policy Manager