CVE-2026-41953
EUVD-2026-2998813.05.2026, 16:16
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| f5 | big-ip_access_policy_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_access_policy_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_advanced_firewall_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_advanced_firewall_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_advanced_web_application_firewall | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_advanced_web_application_firewall | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_analytics | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_analytics | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_application_acceleration_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_application_acceleration_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_application_security_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_application_security_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_application_visibility_and_reporting | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_application_visibility_and_reporting | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_automation_toolchain | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_automation_toolchain | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_carrier-grade_nat | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_carrier-grade_nat | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_container_ingress_services | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_container_ingress_services | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_ddos_hybrid_defender | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_ddos_hybrid_defender | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_domain_name_system | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_domain_name_system | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_edge_gateway | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_edge_gateway | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_fraud_protection_service | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_fraud_protection_service | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_global_traffic_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_global_traffic_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_link_controller | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_link_controller | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_local_traffic_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_local_traffic_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_policy_enforcement_manager | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_policy_enforcement_manager | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_ssl_orchestrator | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_ssl_orchestrator | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_webaccelerator | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_webaccelerator | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_websafe | 17.1.0 ≤ 𝑥 ≤ 17.1.3 |
| f5 | big-ip_websafe | 17.5.0 ≤ 𝑥 ≤ 17.5.1 |
| f5 | big-ip_access_policy_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_advanced_firewall_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_advanced_web_application_firewall | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_analytics | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_application_acceleration_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_application_security_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_application_visibility_and_reporting | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_automation_toolchain | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_carrier-grade_nat | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_container_ingress_services | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_ddos_hybrid_defender | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_domain_name_system | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_edge_gateway | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_fraud_protection_service | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_global_traffic_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_link_controller | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_local_traffic_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_policy_enforcement_manager | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_ssl_orchestrator | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_webaccelerator | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_websafe | 16.1.0 ≤ 𝑥 ≤ 16.1.6 |
| f5 | big-ip_access_policy_manager | 21.0.0 |
| f5 | big-ip_advanced_firewall_manager | 21.0.0 |
| f5 | big-ip_advanced_web_application_firewall | 21.0.0 |
| f5 | big-ip_analytics | 21.0.0 |
| f5 | big-ip_application_acceleration_manager | 21.0.0 |
| f5 | big-ip_application_security_manager | 21.0.0 |
| f5 | big-ip_application_visibility_and_reporting | 21.0.0 |
| f5 | big-ip_automation_toolchain | 21.0.0 |
| f5 | big-ip_carrier-grade_nat | 21.0.0 |
| f5 | big-ip_container_ingress_services | 21.0.0 |
| f5 | big-ip_ddos_hybrid_defender | 21.0.0 |
| f5 | big-ip_domain_name_system | 21.0.0 |
| f5 | big-ip_edge_gateway | 21.0.0 |
| f5 | big-ip_fraud_protection_service | 21.0.0 |
| f5 | big-ip_global_traffic_manager | 21.0.0 |
| f5 | big-ip_link_controller | 21.0.0 |
| f5 | big-ip_local_traffic_manager | 21.0.0 |
| f5 | big-ip_policy_enforcement_manager | 21.0.0 |
| f5 | big-ip_ssl_orchestrator | 21.0.0 |
| f5 | big-ip_webaccelerator | 21.0.0 |
| f5 | big-ip_websafe | 21.0.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| f5 | big-ip | 21.0.0 ≤ 𝑥 < 21.0.0.2 | CNA |
| f5 | big-ip | 17.5.0 ≤ 𝑥 < 17.5.1.6 | CNA |
| f5 | big-ip | 17.1.0 ≤ 𝑥 < 17.1.3.2 | CNA |