vulnerability

F5 Networks: CVE-2025-61958: K000154647: BIG-IP tmsh vulnerability CVE-2025-61958

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:M/C:C/I:C/A:N)	Oct 16, 2025	Oct 16, 2025	Oct 16, 2025

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:N)

Published

Oct 16, 2025

Added

Oct 16, 2025

Modified

Oct 16, 2025

Description

A vulnerability exists in the iHealth utility of the TMOS Shell (tmsh) that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to the Advanced Shell (bash). For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.

Solution

f5-big-ip-upgrade-latest

References

CVE-2025-61958
https://attackerkb.com/topics/CVE-2025-61958
CWE-250
URL-https://my.f5.com/manage/s/article/K000154647

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today