Arbitrary Command Execution Vulnerability in F5 BIG-IP Scripted Monitors
CVE-2026-32673

8.5HIGH

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-32673?

A vulnerability in the scripted monitors of F5 BIG-IP products allows authenticated attackers, possessing either Resource Administrator or Administrator roles, to execute arbitrary commands with elevated privileges. In appliance mode deployments, successfully exploiting this vulnerability can lead to unauthorized access across security boundaries. This poses a significant risk to affected systems. It is important to evaluate the impacted versions, as those that have reached End of Technical Support (EoTS) may not have undergone vulnerability assessment.

Affected Version(s)

BIG-IP 21.0.0 < 21.0.0.2

BIG-IP 17.5.0 < 17.5.1.6

BIG-IP 17.1.0 < 17.1.3.2

References

https://my.f5.com/manage/s/article/K000161040

vendor-advisorypatch

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
Apr 30, 2026

Credit

CVE-2026-32673 Data

JSON