Description
When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Published: 2026-05-13
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to crash. The crash results in a denial of service because the TMM is responsible for packet processing; when it terminates, traffic handling on the affected device stops. The weakness maps to CWE-770 (Allocation of Resources Without Limits or Throttling), a resource-exhaustion class.

Affected Systems

The affected product is F5 BIG‑IP. No specific version range is listed in the CNA data, so all supported releases that still support SIP profiles on virtual servers may be at risk until a vendor fix is released.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no known exploits yet. The likely attack vector is network traffic directed at virtual servers that have a SIP profile configured, implying that an attacker could send crafted traffic from outside the network to trigger the crash. The impact is a denial of service on the BIG‑IP device, which could cascade to any services relying on that device.

Generated by OpenCVE AI on May 13, 2026 at 16:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest BIG‑IP firmware release that contains the vendor’s fix for the SIP profile crash.
  • If a patch is not yet available, disable SIP profiles on virtual servers that do not require SIP functionality until the issue is resolved.
  • Enable high‑availability or load‑balancing to mitigate the impact of a single device failure while the vulnerability is remediated.


Advisories

No advisories yet.

History

Wed, 13 May 2026 17:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | F5; F5 big-ip |
| Vendors & Products | | F5; F5 big-ip |

Wed, 13 May 2026 15:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| Title | | BIG-IP SIP profile vulnerability |
| Weaknesses | | CWE-770 |
| References | | |
| Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}; cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2026-05-13T16:07:50.706Z

Reserved: 2026-04-30T23:04:27.944Z

Link: CVE-2026-40423

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-05-13T16:16:42.560

Modified: 2026-05-13T16:27:11.127

Link: CVE-2026-40423

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T16:45:44Z
