F5 BIG-IP Privilege Escalation Vulnerability
Vulnerability
A vulnerability in F5 BIG-IP systems allows a highly privileged, authenticated attacker with the Resource Administrator role to modify configuration objects, leading to privilege escalation. This issue affects several versions across the 16.x, 17.x, and 21.x branches. In Appliance mode deployments, the vulnerability can enable an attacker to cross a security boundary.
Impact
Exploitation of this vulnerability could allow a privileged attacker to escalate privileges and bypass Appliance mode restrictions, crossing a security boundary in Appliance mode deployments.
Remediation
Users can upgrade to BIG-IP versions 17.5.1.6, 17.1.3.2, or 21.0.0.2. For more information about managing BIG-IP product hotfixes, refer to the F5 article K13123.
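An exposure check for the two conditions described above, added here as an example and not taken from F5 or from this advisory: it lists accounts holding the Resource Administrator role and compares a version string with the fixed releases. It assumes the usual `tmsh list auth user` layout with the role written as `resource-admin`, and that each fixed release applies to its own major.minor branch; the user names are constructed.

```python
import re

# Fixed releases from the Remediation section, keyed by major.minor branch.
# Assumption: each fix applies to its own branch; the page names no 16.x fix.
FIXED = {(17, 5): (17, 5, 1, 6), (17, 1): (17, 1, 3, 2), (21, 0): (21, 0, 0, 2)}

def version_status(version):
    """Compare a dotted BIG-IP version with the fixed release for its branch."""
    parts = tuple(int(p) for p in version.split("."))
    parts += (0,) * (4 - len(parts))  # pad 17.1.3 -> 17.1.3.0
    fixed = FIXED.get(parts[:2])
    if fixed is None:
        return "no-fix-listed"
    return "at-or-above-fix" if parts >= fixed else "below-fix"

def resource_admins(tmsh_output):
    """Map user -> partitions where the account holds role resource-admin."""
    found, user, partition = {}, None, None
    for line in tmsh_output.splitlines():
        s = line.strip()
        m = re.match(r"auth user (\S+) \{$", s)
        if m:  # start of a new user stanza
            user, partition = m.group(1), None
            continue
        m = re.match(r"(\S+) \{$", s)
        if m and m.group(1) != "partition-access":
            partition = m.group(1)  # e.g. all-partitions or a partition name
        elif s == "role resource-admin" and user and partition:
            found.setdefault(user, []).append(partition)
    return found

# Constructed sample in the layout assumed for `tmsh list auth user`.
SAMPLE = """\
auth user admin {
    partition-access {
        all-partitions {
            role admin
        }
    }
}
auth user netops {
    partition-access {
        all-partitions {
            role resource-admin
        }
    }
}
"""
```

A `below-fix` result means only that the version is older than the fixed release for its branch; the advisory does not list the exact affected range, and 16.x returns `no-fix-listed` because no 16.x fix is named.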
