www.ncsc.gov.uk 3/30/2026, 12:16:18 PM · external

Vulnerability affecting F5 BIG-IP APM

CVE-2025-53521: F5 BIG-IP APM Flaw Reclassified as Unauthenticated RCE

CVE-2025-53521 is a vulnerability in F5 BIG-IP Access Policy Manager (APM) that was reclassified in 2026 from a denial-of-service issue to an unauthenticated remote code execution (RCE) vulnerability. The flaw is being actively exploited against vulnerable BIG-IP versions, and CISA lists it in its Known Exploited Vulnerabilities catalog.…

First seen 2026-03-27T22:10:57.047Z · Last seen 2026-04-01T11:42:56.200Z

CyberSIXT Evidence Panel
Primary Source: my.f5.com
CISA KEV: Listed in KEV
Patch: Patch Available

The UK National Cyber Security Centre (NCSC) has issued an alert regarding a critical vulnerability (CVE-2025-53521) affecting F5 BIG-IP Access Policy Manager (APM), which allows unauthenticated remote code execution. This issue has been categorized as a serious risk due to reports of active exploitation.

Organizations using BIG-IP APM are strongly advised to take immediate preventive actions, such as consulting the official security advisory, isolating affected systems, investigating for compromises, and updating to the latest software version. Further resources for organizations include guidance on incident response and vulnerability management.


Article by CyberSIXT
