CVE-2025-53474

When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-53856

When a virtual server, network address translation NAT object, or secure network address translation SNAT object uses the embedded Packet Velocity Acceleration ePVA feature, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. To determine which BIG-IP platforms have...

CVE-2025-53856

When a virtual server, network address translation NAT object, or secure network address translation SNAT object uses the embedded Packet Velocity Acceleration ePVA feature, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. To determine which BIG-IP platforms have...

CVE-2025-48008

When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...

CVE-2025-41430

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-41430

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-61960 BIG-IP APM portal access vulnerability

When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58096 BIG-IP TMM vulnerability

When the database variable tm.tcpudptxchecksum is configured as non-default value Software-only on a BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58096

CVE-2025-58096 affects BIG-IP TMM: when tm.tcpudptxchecksum is configured as non-default Software-only, undisclosed traffic can terminate TMM, causing DoS on the BIG-IP device. Public sources confirm this vulnerability across BIG-IP versions and provide remediation guidance. Affected BIG-IP branc...

CVE-2025-58120

CVE-2025-58120 affects BIG-IP Next SPK, CNF, and Kubernetes (2.x branches). When HTTP/2 Ingress is configured, undisclosed traffic can trigger a NULL pointer dereference in the Traffic Management Microkernel (TMM), causing termination and a denial-of-service condition. Vulnerable known versions i...

CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-61951 BIG-IP DTLS 1.2 Vulnerability

Undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. This issue may occur when a Datagram Transport Layer Security DTLS 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVE-2025-54479 BIG-IP PEM vulnerability

When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-54479 BIG-IP PEM vulnerability

When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-53856 TMM vulnerability

When a virtual server, network address translation NAT object, or secure network address translation SNAT object uses the embedded Packet Velocity Acceleration ePVA feature, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. To determine which BIG-IP platforms have...

CVE-2025-53856 TMM vulnerability

When a virtual server, network address translation NAT object, or secure network address translation SNAT object uses the embedded Packet Velocity Acceleration ePVA feature, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. To determine which BIG-IP platforms have...

CVE-2025-53856

CVE-2025-53856 (TMM ePVA DoS) : The vulnerability affects BIG-IP when the embedded ePVA feature is used by a NAT/SNAT/virtual server and the Auto Last Hop setting is disabled, allowing undisclosed traffic to terminate the Traffic Management Microkernel (TMM) and cause DoS. A remote, unauthenticat...

CVE-2025-41430 BIG-IP SSL Orchestrator vulnerability

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-41430 BIG-IP SSL Orchestrator vulnerability

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...