PT-2026-40674 · F5 · Big-Ip
Published
2026-05-13
·
Updated
2026-05-17
·
CVE-2026-42919
CVSS v3.1
6.7
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions prior to 17.1.3.1
F5 BIG-IP versions prior to 17.5.1.4
F5 BIG-IP versions prior to 21.0.0.1
Description
A stack-based overflow exists in F5 BIG-IP, which is a condition where a program writes more data to a buffer located on the stack than the buffer is allocated to hold. This issue may allow an authenticated attacker with administrative access to escalate their privileges and cross a security boundary.
Recommendations
Update to version 17.1.3.1 or later.
Update to version 17.5.1.4 or later.
Update to version 21.0.0.1 or later.
Fix
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Big-Ip