Traffic Management Microkernel Vulnerability in BIG-IP SSL Orchestrator by F5 Networks
CVE-2025-41430

8.7HIGH

Key Information:

Vendor: F5
Status: Big-ip; Ssl Orchestrator
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-41430?

A vulnerability exists in BIG-IP SSL Orchestrator when it is enabled, potentially leading to the termination of the Traffic Management Microkernel (TMM) due to undisclosed traffic. This disruption could impact the functionality and performance of applications relying on the orchestration of SSL traffic. Users are advised to ensure that they are running supported versions and to remain vigilant regarding updates and patches.

Affected Version(s)

BIG-IP 17.5.0 < 17.5.1

BIG-IP 17.1.0 < 17.1.3

BIG-IP 16.1.0 < 16.1.4

References

https://my.f5.com/manage/s/article/K000150667

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Apr 23, 2025

Credit

JSON