CVE-2025-20029

Name of the Vulnerable Software and Affected Versions F5 BIG-IP (affected versions not specified)

Description A command injection vulnerability exists in the iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. This issue can be exploited by an attacker to escalate privileges and execute arbitrary commands, potentially leading to system takeover. The estimated number of potentially affected devices worldwide is over 2.3 million.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.