F5 Product Update Advisory (CVE-2025-31644)

May 14 2025

Overview

We have released security updates to fix vulnerabilities in F5 products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-31644

BIG-IP (all modules) Versions: 17.1.0 and later to 17.1.2 and earlier
BIG-IP (all modules) Versions: 16.1.0 and later to 16.1.5 and earlier
BIG-IP (all modules) version: 15.1.0 or later to 15.1.10 or earlier

Resolved Vulnerabilities

Command injection vulnerability in iControl REST and BIG-IP TMOS Shell (tmsh) commands on the appliance (CVE-2025-31644)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-31644

BIG-IP (all modules) Version: 17.1.2.2
BIG-IP (all modules) version: 16.1.6
BIG-IP (all modules) version: 15.1.0 or later to 15.1.10 or earlier

References

[1] K000148591: Appliance mode BIG-IP iControl REST and tmsh vulnerability CVE-2025-31644
https://my.f5.com/manage/s/article/K000148591

F5 Product Update Advisory (CVE-2025-31644)

ATEN Product Update Advisory

MS Family May 2025 Routine Security Update Advisory

Tags:

ATEN Product Update Advisory

MS Family May 2025 Routine Security Update Advisory