www.infosecurity-magazine.com 3/31/2026, 9:11:38 AM · via preferred

NCSC Urges Immediate Patching of F5 BIG-IP Bug

Developing story vulnerability 8 articles tracked
F5 BIG-IP APM vulnerability (CVE-2025-53521) reclassified as unauthenticated RCE
CyberSIXT Evidence Panel
CISA KEV Listed in KEV
Patch Patch Available

ACCORDING to The National Cyber Security Centre (NCSC), UK organisations have been urged to immediately patch a critical vulnerability in F5’s BIG-IP Access Policy Manager (APM) that is currently under active exploitation. The NCSC said it is still working to understand UK impact and any cases of active exploitation affecting UK networks. The flaw is CVE-2025-53521 and could lead to remote code execution when a BIG-IP APM access policy is configured on a virtual server.

F5 initially classified the bug as a denial-of-service vulnerability with a CVSS of 7.5, but updated information in March 2026 re-categorised it as an RCE flaw with a score of 9.8. The US CISA added the CVE to its Known Exploited Vulnerabilities catalog and gave federal agencies until midnight on 30 March to patch.

F5 also advised customers to follow incident-handling guidelines, rebuild configurations from scratch if needed, and update to the latest product version, as failures to do so could leave systems exposed to compromise.

View full article

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline