Command Bypass in BIG-IP Systems from F5 Networks
CVE-2025-61958

8.5HIGH

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-61958?

A security flaw exists in the iHealth command of F5 BIG-IP systems that allows authenticated attackers with a resource administrator role to bypass tmsh restrictions. This vulnerability can potentially enable them to access a bash shell, leading to unauthorized operations within the system. Particularly concerning is the ability for an attacker to cross established security boundaries when exploiting this issue on BIG-IP systems configured in Appliance mode.

Affected Version(s)

BIG-IP 17.5.0 < 17.5.1.1

BIG-IP 17.1.0 < 17.1.3

BIG-IP 16.1.0 < 16.1.6.1

References

https://my.f5.com/manage/s/article/K000154647

vendor-advisory

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Oct 3, 2025

Credit

F5 acknowledges Australian Cyber Security Centre for bringing this issue to our attention and following the highest standards of coordinated disclosure.

JSON