Access Control Vulnerability in F5 rSeries Systems by F5 Networks
CVE-2025-53860

5.6MEDIUM

Key Information:

Vendor: F5
Status: F5os - Appliance
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-53860?

A vulnerability found in F5OS-A software enables an authenticated attacker with high privileges to gain unauthorized access to sensitive information stored within the FIPS hardware security module (HSM) on F5 rSeries systems. This weakness poses a serious risk of exposure of critical security data, emphasizing the need for timely vulnerability management and mitigation strategies.

Affected Version(s)

F5OS - Appliance 1.8.0 < 1.8.3

F5OS - Appliance 1.5.0 < 1.5.3

References

https://my.f5.com/manage/s/article/K000148625

vendor-advisory

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Oct 3, 2025

Credit

JSON