CVE-2025-31644

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.5.0

Description A command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command when running in Appliance mode. This may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands, potentially crossing a security boundary. It is estimated that over 3.2 million services are potentially affected.

Recommendations For versions prior to 17.5.0, consider disabling the vulnerable iControl REST and BIG-IP TMOS Shell (tmsh) commands as a temporary workaround until a patch is available. Restrict access to the Appliance mode to minimize the risk of exploitation. Avoid using the vulnerable commands in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.