CVE-2026-2507
Awaiting Analysis
Awaiting Analysis - Queue
Denial of Service via TMM Crash in BIG-IP AFM/DDoS
Publication date: 2026-02-18
Last updated on: 2026-02-18
Assigner: F5 Networks
Description
Description
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate.Β Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| f5 | bigtcp_afm | * |
| f5 | bigtcp_ddos | * |
| f5 | bigtip_afm | * |
| f5 | bigtip_ddos | * |
| f5 | bigtp_afm | * |
| f5 | bigtp_ddos | * |
| f5 | bigtop_afm | * |
| f5 | bigtop_ddos | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in F5 BIG-IP AFM or BIG-IP DDoS when they are provisioned. Certain undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate unexpectedly.
How can this vulnerability impact me? :
The impact of this vulnerability is that the TMM component can be terminated, which may lead to denial of service conditions. This means that network traffic management and protection features provided by BIG-IP AFM or BIG-IP DDoS could be disrupted.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70