F5 Security Advisory (October 16th , 2025) 

Ref# ADV2025_377 | Date: Oct 16th 2025

F5 published a security advisory highlighting vulnerabilities in the following product on October 15th , 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated. 

  •  BIG-IP (all modules) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10 
  • BIG-IP AFM – version 17.5.0, versions 17.1.0 to 17.1.2, versions 15.1.0 to 15.1.10 
  • BIG-IP APM – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10 
  • BIG-IP APM, APM with SWG, SSL Orchestrator, SSL Orchestrator with SWG – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10 
  • BIG-IP ASM – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 
  • BIG-IP Advanced WAF/ASM – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10 
  • BIG-IP Next CNF – versions 2.0.0 to 2.1.0, versions 1.1.0 to 1.4.1 
  • BIG-IP Next SPK – versions 2.0.0 to 2.1.0, versions 1.7.0 to 1.9.2 
  • BIG-IP Next for Kubernetes – versions 2.0.0 to 2.1.0 
  • BIG-IP PEM – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10 
  • BIG-IP SSL Orchestrator – version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, versions 15.1.0 to 15.1.10 
  • F5OS-A – versions 1.8.0 to 1.8.1, versions 1.5.1 to 1.5.3 
  • F5OS-C – version 1.8.0 to 1.8.1, versions 1.6.0 to 1.6.2 
  • NGINX App Protect WAF – versions 4.5.0 to 4.6.0 

For more information on this update, you can follow these URLs: 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: F5 Security Advisory

References