Impact
A flaw exists in an iControl REST and BIG‑IP TMOS Shell (tmsh) command that allows an authenticated user holding the Resource Administrator or Administrator role to run arbitrary system commands with elevated privileges. The flaw is reached through an undisclosed command path and lets the attacker execute code that could compromise the underlying operating system or network configuration. Because the attacker gains higher privileges than normal configuration tasks require, the potential impact includes full system compromise, data exfiltration, and alteration or destruction of the appliance state.
Affected Systems
F5 BIG‑IP appliances that have BIG‑IP DNS provisioned. The vulnerability specifically affects F5's BIG‑IP DNS and the broader BIG‑IP platform where the iControl REST and tmsh interfaces are enabled. No specific software versions are listed; however, the issue applies to all versions where the described components exist and are supported.
Risk and Exploitability
The CVSS score of 8.5 reflects a high-severity vulnerability. Exploitation requires authenticated access with Administrative privileges, so the attacker must already hold legitimate credentials or have penetrated internal systems. The EPSS score is not available, so the current likelihood cannot be quantified, but the absence from KEV suggests no publicly known exploits yet. An attacker who can reach the iControl REST or tmsh interface (typically through an internal network or via exposed management interfaces) can trigger this flaw to gain privileged system access and potentially cross security boundaries in Appliance mode deployments.