CVE Alert: CVE-2025-58071 – F5 – BIG-IP

CVE-2025-58071

HIGH · No exploitation known

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS v3.1 (7.5)
AV NETWORK · AC LOW · PR NONE · UI NONE · S UNCHANGED
Vendor
F5
Product
BIG-IP, BIG-IP Next CNF, BIG-IP Next for Kubernetes
Versions (START lt FIXED = affected from START up to, but not including, FIXED; lt * = no fixed version listed)
  • 17.5.0 lt 17.5.1
  • 17.1.0 lt 17.1.3
  • 16.1.0 lt 16.1.6.1
  • 15.1.0 lt 15.1.10.8
  • 2.0.0 lt *
  • 1.1.0 lt *
  • 2.0.0 lt *
CWE
CWE-457: Use of Uninitialized Variable
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published
2025-10-15T15:19:46.470Z
Updated
2025-10-16T03:57:04.045Z

AI Summary Analysis

Risk verdict

High risk: remote network traffic can terminate the Traffic Management Microkernel (TMM) when IPsec is configured, with no user interaction required.

Why this matters

A TMM crash or restart can disrupt VPN/IPsec tunnels and other services relying on BIG-IP, causing selective or widespread downtime. Attackers could leverage this to degrade availability in perimeter or data‑centre edge deployments, impacting remote access, site connectivity, and service continuity.

Most likely attack path

Exploitation is network-based with no privileges or user interaction needed, provided IPsec is enabled. An attacker who can reach an IPsec-enabled BIG-IP system would send the undisclosed traffic to trigger TMM termination; systems without IPsec configured are outside the affected precondition.

Who is most exposed

Organizations deploying BIG-IP with IPsec in production—common in gateway, VPN edge, and security-forward architectures—including BIG-IP Next CNF and Kubernetes deployments, are at higher risk. Systems on legacy branches with IPsec also fall within affected scope.

Detection ideas

  • TMM crashes or restarts logged in system/application logs
  • Unusual spikes or resets in IPsec tunnel activity
  • Core dumps or high CPU on TMM processes around network events
  • Repeated IPsec-related termination messages in logs
  • Anomalous traffic patterns targeting TMM interfaces

Mitigation and prioritisation

  • Apply fixed releases/patches from F5; move to a supported, non-EoTS version where available
  • If IPsec is not required, disable or minimise IPsec exposure; restrict IPsec endpoints and traffic
  • Enforce network access controls: limit connections to trusted sources; deploy segmentation
  • Monitor TMM stability and IPsec tunnel health; implement alerting for TMM terminations
  • Change-management: test patch in a staging environment before production rollout; schedule maintenance windows
  • If KEV indicates exploitation or EPSS is ≥0.5, treat as priority 1 (data not provided in this report)
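The first mitigation item depends on knowing which listed range a given build sits in. The following is an added example (not F5 tooling and not part of the original record) that checks a BIG-IP build against the Versions field above using the record's own "START lt FIXED" notation. The Versions field is flat, so the example assumes the 15.x–17.x ranges belong to classic BIG-IP and the 1.x/2.x "lt *" ranges to the BIG-IP Next CNF / Next for Kubernetes products; that mapping is an assumption, as are the sample builds in main().

```python
"""Map a BIG-IP build against the affected ranges in this CVE-2025-58071
record.  Added example, not F5 tooling; the version data is copied from the
record's Versions field and the product mapping is an assumption (see below).

Range notation follows the convention used in the record:
"START lt FIXED" means every release >= START and < FIXED is affected, and
"lt *" means no fixed release is named, so everything from START onward is
listed as affected.
"""
from __future__ import annotations

from typing import List, Optional, Tuple

Version = Tuple[int, ...]

# Ranges copied verbatim from the record.  Attributing them to products is an
# assumption made here: the 15.x-17.x trains are classic BIG-IP; the 1.x/2.x
# ranges with no fixed version are BIG-IP Next CNF / Next for Kubernetes.
AFFECTED_RANGES = {
    "BIG-IP": "17.5.0 lt 17.5.1 | 17.1.0 lt 17.1.3 | 16.1.0 lt 16.1.6.1 | 15.1.0 lt 15.1.10.8",
    "BIG-IP Next": "2.0.0 lt * | 1.1.0 lt * | 2.0.0 lt *",
}


def parse_version(text: str) -> Version:
    """'16.1.6.1' -> (16, 1, 6, 1).  Short forms are zero-padded so 17.1 == 17.1.0;
    a build suffix after '-' (e.g. '17.1.3-0.0.4') is dropped before comparing."""
    core = text.strip().split("-", 1)[0]
    parts = tuple(int(p) for p in core.split("."))
    return parts + (0,) * max(0, 4 - len(parts))


def parse_ranges(spec: str) -> List[Tuple[Version, Optional[Version], str]]:
    """'a lt b | c lt *' -> [(a, b, 'b'), (c, None, '*')].
    None marks a range with no fixed release; the original text is kept for display."""
    ranges = []
    for item in spec.split("|"):
        start_text, sep, fixed_text = item.strip().partition(" lt ")
        if not sep:
            raise ValueError(f"malformed range: {item!r}")
        fixed_text = fixed_text.strip()
        fixed = None if fixed_text == "*" else parse_version(fixed_text)
        ranges.append((parse_version(start_text), fixed, fixed_text))
    return ranges


def assess(product: str, version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_release) for a product/version pair.

    status is one of:
      'affected'         inside a range that names a fixed release
      'affected-no-fix'  inside a 'lt *' range; the record names no upgrade target
      'not-affected'     in a listed train, at or past its fixed release
      'not-listed'       outside every listed train (e.g. an EoTS branch, which the
                         record says is not evaluated)
    """
    v = parse_version(version)
    in_train = False
    for start, fixed, fixed_text in parse_ranges(AFFECTED_RANGES[product]):
        if fixed is None:
            if v >= start:
                return "affected-no-fix", None
            continue
        # A range covers one release train; START and FIXED share major.minor.
        if v[:2] == start[:2]:
            in_train = True
            if start <= v < fixed:
                return "affected", fixed_text
    return ("not-affected" if in_train else "not-listed"), None


def main() -> None:
    # Sample builds are constructed for illustration, not taken from the record.
    for product, build in [("BIG-IP", "17.1.2"), ("BIG-IP", "16.1.6.1"),
                           ("BIG-IP", "14.1.0"), ("BIG-IP Next", "2.1.0")]:
        status, fixed = assess(product, build)
        target = f" -> upgrade to {fixed}" if fixed else ""
        print(f"{product} {build}: {status}{target}")


if __name__ == "__main__":
    main()
```

Builds on a train not in the Versions field come back as not-listed rather than not-affected, matching the record's note that EoTS versions were not evaluated; treat those as unknown, not as safe.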
