PT-2026-40646 · F5 · Big-Ip

Published

2026-05-13

Updated

2026-05-17

CVE-2026-40423

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2

Description When a SIP (Session Initiation Protocol) profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This occurs due to an issue with the allocation of resources within the TMM.

Recommendations Update to version 17.1.3.2 or later. Update to version 17.5.1.6 or later. Update to version 21.0.0.2 or later.

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2026-40423

Affected Products

Big-Ip

PT-2026-40646 · F5 · Big-Ip

CVE-2026-40423

Weakness Enumeration

Related Identifiers

Affected Products

References · 3