COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-53521

CVE-2025-53521

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-03-27
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-53521
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildsupply-chain

F5 BIG-IP APM stack-based buffer overflow enables remote code execution and is actively exploited in the wild.

This vulnerability allows threat actors to achieve remote code execution on F5 BIG-IP APM systems, posing a critical risk to DIB organizations relying on F5 for traffic management and security. The active exploitation status indicates immediate exposure, requiring urgent patching and network segmentation to prevent unauthorized access to sensitive data.

Shame score — Active exploitation of a remote code execution vulnerability in a critical network security product indicates severe negligence and immediate threat to DIB infrastructure.

Players implicated

F5 · vendorBIG-IP · product

Description

F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.