CVE-2025-58071

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2025-10-15

Last updated on: 2025-10-21

Assigner: F5 Networks

Description

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-10-15

Last Modified

2025-10-21

Generated

2026-05-07

AI Q&A

2025-10-15

EPSS Evaluated

2026-05-05

NVD

CVE-2025-58071

Affected Vendors & Products

Vendor	Product	Version / Range
f5	big-ip_access_policy_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_advanced_web_application_firewall	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_analytics	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_application_acceleration_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_application_security_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_application_visibility_and_reporting	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_automation_toolchain	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_carrier-grade_nat	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_container_ingress_services	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_ddos_hybrid_defender	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_domain_name_system	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_edge_gateway	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_fraud_protection_service	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_global_traffic_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_link_controller	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_local_traffic_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_policy_enforcement_manager	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_ssl_orchestrator	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_webaccelerator	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_websafe	From 15.1.0 (inc) to 15.1.10.8 (exc)
f5	big-ip_access_policy_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_advanced_web_application_firewall	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_analytics	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_application_acceleration_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_application_security_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_application_visibility_and_reporting	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_automation_toolchain	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_carrier-grade_nat	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_container_ingress_services	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_ddos_hybrid_defender	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_domain_name_system	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_edge_gateway	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_fraud_protection_service	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_global_traffic_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_link_controller	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_local_traffic_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_policy_enforcement_manager	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_ssl_orchestrator	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_webaccelerator	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_websafe	From 16.1.0 (inc) to 16.1.6.1 (exc)
f5	big-ip_access_policy_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_advanced_firewall_manager	From 16.1.0 (inc) to 16.1.5.2.0.7.5 (inc)
f5	big-ip_advanced_web_application_firewall	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_analytics	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_application_acceleration_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_application_security_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_application_visibility_and_reporting	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_automation_toolchain	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_carrier-grade_nat	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_container_ingress_services	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_ddos_hybrid_defender	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_domain_name_system	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_edge_gateway	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_fraud_protection_service	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_global_traffic_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_link_controller	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_local_traffic_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_policy_enforcement_manager	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_ssl_orchestrator	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_webaccelerator	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_websafe	From 17.1.0 (inc) to 17.1.3 (exc)
f5	big-ip_access_policy_manager	17.5.0
f5	big-ip_advanced_firewall_manager	17.5.0
f5	big-ip_advanced_web_application_firewall	17.5.0
f5	big-ip_analytics	17.5.0
f5	big-ip_application_acceleration_manager	17.5.0
f5	big-ip_application_security_manager	17.5.0
f5	big-ip_application_visibility_and_reporting	17.5.0
f5	big-ip_automation_toolchain	17.5.0
f5	big-ip_carrier-grade_nat	17.5.0
f5	big-ip_container_ingress_services	17.5.0
f5	big-ip_ddos_hybrid_defender	17.5.0
f5	big-ip_domain_name_system	17.5.0
f5	big-ip_edge_gateway	17.5.0
f5	big-ip_fraud_protection_service	17.5.0
f5	big-ip_global_traffic_manager	17.5.0
f5	big-ip_link_controller	17.5.0
f5	big-ip_local_traffic_manager	17.5.0
f5	big-ip_policy_enforcement_manager	17.5.0
f5	big-ip_ssl_orchestrator	17.5.0
f5	big-ip_webaccelerator	17.5.0
f5	big-ip_websafe	17.5.0
f5	big-ip_next_cloud-native_network_functions	From 1.1.0 (inc) to 1.4.1 (inc)
f5	big-ip_next_cloud-native_network_functions	From 2.0.0 (inc) to 2.1.0 (inc)
f5	big-ip_next_for_kubernetes	From 2.0.0 (inc) to 2.1.0 (inc)
f5	big-ip_advanced_firewall_manager	From 16.1.0 (inc) to 16.1.5.2.0.7.5 (inc)
f5	big-ip_advanced_firewall_manager	From 16.1.0 (inc) to 16.1.5.2.0.7.5 (inc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-457	The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability occurs when IPsec is configured on the BIG-IP system, allowing certain undisclosed traffic to cause the Traffic Management Microkernel (TMM) to terminate unexpectedly.

How can this vulnerability impact me? :

The vulnerability can cause the Traffic Management Microkernel (TMM) on the BIG-IP system to terminate, potentially leading to a denial of service or disruption of network traffic management.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-58071

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart