CVE-2025-53856

moderate-risk

Published 2025-10-15

When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity Acceleration (ePVA) feature, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. To determine which BIG-IP platforms have an ePVA chip refer to K12837: Overview of the ePVA feature https://my.f5.com/manage/s/article/K12837 . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

Big-Ip Access Policy Manager

Big-Ip Advanced Firewall Manager

Big-Ip Advanced Web Application Firewall

Big-Ip Analytics

Big-Ip Application Acceleration Manager

Big-Ip Application Security Manager

Big-Ip Application Visibility And Reporting

Big-Ip Automation Toolchain

Big-Ip Carrier-Grade Nat

Big-Ip Container Ingress Services

Big-Ip Ddos Hybrid Defender

Big-Ip Domain Name System

Big-Ip Edge Gateway

Big-Ip Fraud Protection Service

Big-Ip Global Traffic Manager

Big-Ip Link Controller

Big-Ip Local Traffic Manager

Big-Ip Policy Enforcement Manager

Big-Ip Ssl Orchestrator

Big-Ip Webaccelerator

Affected Vendors

References (1)

Vendor Advisory https://my.f5.com/manage/s/article/K000156707

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 0/34 · Minimal

Exposure 20/34 · Moderate