
F5 releases BIG-IP patches for stolen security vulnerabilities

Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025.

The company disclosed in a Wednesday filing with the U.S. Securities and Exchange Commission (SEC) that state hackers breached its systems and stole source code and information on undisclosed BIG-IP security flaws.

F5 added that there is no evidence the threat actors leveraged the undisclosed vulnerabilities in attacks and said it has not yet found evidence that the issues have been disclosed.

Today, F5 has issued patches to address 44 vulnerabilities (including those stolen in the breach) and urged customers to update their systems as soon as possible. F5 confirmed to BleepingComputer that “today’s security updates do address impact from the incident.”

“Updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients are available now. Although we have no knowledge of undisclosed critical or remote code execution vulnerabilities, we strongly advise updating your BIG-IP software as soon as possible,” the company said.


“We have no evidence of modification to our software supply chain, including our source code and our build and release pipelines [..] and we are not aware of active exploitation of any undisclosed F5 vulnerabilities.”

F5 also issued guidance to help secure F5 environments from cyberattacks, which they say includes the release of the October 2025 security updates.

The company advised admins to enable BIG-IP event streaming to their security information and event management (SIEM) software, configure remote syslog servers, and monitor for login attempts to increase visibility and receive alerts on admin logins, failed authentications, and privilege and configuration changes.
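As an added illustration (not part of the original article or of F5's guidance), the sketch below shows the kind of alerting logic a SIEM rule set would apply to forwarded syslog for the three event classes named above. The log lines are constructed and the regular expressions are assumptions written for that constructed format; adapt both to the messages your devices actually emit.

```python
import re
from collections import Counter

# Constructed sample lines (not captured from a real device).
SAMPLE_LOG = """\
Oct 15 09:58:01 bigip1 notice mcpd[5543]: AUDIT - httpd(pam_audit): user=admin level=Administrator host=192.0.2.10 attempts=1
Oct 15 10:01:11 bigip1 notice mcpd[5543]: AUDIT - httpd(pam_audit): User=root host=198.51.100.7 failed to login after 1 attempts
Oct 15 10:01:13 bigip1 notice mcpd[5543]: AUDIT - httpd(pam_audit): User=admin host=198.51.100.7 failed to login after 1 attempts
Oct 15 10:01:15 bigip1 notice mcpd[5543]: AUDIT - httpd(pam_audit): User=admin host=198.51.100.7 failed to login after 1 attempts
Oct 15 10:05:40 bigip1 notice tmsh[9121]: AUDIT - user=admin status=[Command OK] cmd_data=modify auth user svc1 role admin
Oct 15 10:06:02 bigip1 notice tmsh[9121]: AUDIT - user=admin status=[Command OK] cmd_data=create ltm pool p1
Oct 15 10:07:00 bigip1 notice tmsh[9121]: AUDIT - user=admin status=[Command OK] cmd_data=list ltm pool
"""

# Assumed patterns that match the constructed format above.
LOGIN_OK = re.compile(r"user=(\S+) level=(\S+) host=(\S+)")
LOGIN_FAIL = re.compile(r"User=(\S+) host=(\S+) failed to login")
COMMAND = re.compile(r"user=(\S+) status=\[Command OK\] cmd_data=(.+)$")


def triage(lines, burst=3):
    """Return (category, detail) alerts for logins, failures and changes."""
    alerts, fails = [], Counter()
    for line in lines:
        if m := LOGIN_FAIL.search(line):
            host = m.group(2)
            fails[host] += 1
            if fails[host] == burst:  # alert once, when the threshold is hit
                alerts.append(("failed_auth_burst", host))
        elif m := LOGIN_OK.search(line):
            user, level, host = m.groups()
            if level == "Administrator":
                alerts.append(("admin_login", f"{user}@{host}"))
        elif m := COMMAND.search(line):
            user, cmd = m.groups()
            words = cmd.split()
            # Read-only commands (list, show) are not changes.
            if words and words[0] in ("create", "modify", "delete"):
                is_priv = words[1:3] == ["auth", "user"]
                kind = "privilege_change" if is_priv else "config_change"
                alerts.append((kind, f"{user}: {cmd}"))
    return alerts


if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG.splitlines()):
        print(alert)
```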

Federal agencies ordered to deploy BIG-IP patches

On Wednesday, CISA issued the ED 26-01 emergency directive, ordering Federal Civilian Executive Branch (FCEB) agencies to secure F5OS, BIG-IP TMOS, BIG-IQ, and BNK/CNF products by installing the latest F5 patches by October 22. For all other F5 hardware and software appliances on their networks, the deadline is extended to October 31.


The U.S. cybersecurity agency also instructed federal agencies to disconnect and decommission all public-facing F5 devices that have reached end-of-support.

“CISA is directing Federal Civilian Executive Branch (FCEB) agencies to inventory F5 BIG-IP products, evaluate if the networked management interfaces are accessible from the public internet, and apply updates from F5,” CISA said.
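The inventory-and-triage steps described above can be sketched as follows. This is an added example, not code from CISA or F5: the inventory rows are constructed, the deadline year (2025) is inferred from the article's context, and treating any management address outside the RFC 1918 ranges as potentially internet-reachable is a first-pass assumption that still needs confirming against firewall and NAT rules.

```python
import ipaddress
from datetime import date

# Product families the article lists under the earlier deadline.
PRIORITY = {"F5OS", "BIG-IP TMOS", "BIG-IQ", "BNK/CNF"}
DEADLINE_PRIORITY = date(2025, 10, 22)  # year assumed from article context
DEADLINE_OTHER = date(2025, 10, 31)

INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed inventory: (host, product, mgmt address, public-facing, end-of-support).
# Documentation addresses stand in for public ones.
INVENTORY = [
    ("lb-edge-01", "BIG-IP TMOS", "203.0.113.20", True, False),
    ("lb-core-02", "BIG-IP TMOS", "10.20.0.5", False, False),
    ("iq-01", "BIG-IQ", "192.168.50.9", False, False),
    ("legacy-03", "BIG-IP TMOS", "198.51.100.44", True, True),
    ("misc-04", "other F5 appliance", "172.16.4.8", False, False),
]


def mgmt_outside_internal(addr):
    """True when the management address is not in an RFC 1918 range."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL)


def plan(inventory):
    """Assign each device an action and due date, most urgent first."""
    rows = []
    for host, product, mgmt, public_facing, eos in inventory:
        due = None
        if eos and public_facing:
            action = "disconnect and decommission"
        elif eos:
            action = "review: end-of-support"  # not covered by the article
        else:
            action = "patch"
            due = DEADLINE_PRIORITY if product in PRIORITY else DEADLINE_OTHER
        rows.append({"host": host, "action": action, "due": due,
                     "mgmt_public": mgmt_outside_internal(mgmt)})
    # Possibly exposed management interfaces first, then earliest deadline.
    return sorted(rows, key=lambda r: (not r["mgmt_public"],
                                       r["due"] or date.min))


if __name__ == "__main__":
    for row in plan(INVENTORY):
        print(row)
```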

Successful exploitation of vulnerable BIG-IP appliances can allow attackers to steal credentials and Application Programming Interface (API) keys, move laterally within targets’ networks, steal sensitive data, and establish persistence on compromised devices.

BIG-IP vulnerabilities are high-value targets for both nation-state and cybercrime threat groups, which have been exploiting them over time to map internal servers, stealthily steal data, hijack devices on victims’ networks, push data wipers, and breach corporate networks.

F5 is a Fortune 500 tech giant that provides cybersecurity, cloud management, and application delivery networking (ADN) services to over 23,000 customers worldwide and to 48 of the Fortune 50 companies.
