Description
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Published: 2026-05-13
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated remote code execution vulnerability exists in the BIG‑IP and BIG‑IQ Configuration utility, allowing an attacker who can authenticate to the system to execute arbitrary code and potentially compromise the confidentiality, integrity, and availability of the device. The weakness is classified as CWE‑502 (Deserialization of Untrusted Data), a flaw in which the utility processes attacker-supplied serialized input in a way that can lead to code execution. The description states that the vulnerability is exploitable through undisclosed vectors: the exact attack path is not publicly known, but it is reachable by anyone holding valid credentials.

Affected Systems

This vulnerability affects F5 BIG‑IP and BIG‑IQ devices. No specific software versions are listed, and versions that have reached End of Technical Support are not evaluated. Administrators should verify the current software revision on their managed devices to determine applicability.

Risk and Exploitability

The CVSS score of 8.7 classifies this issue as high severity. The EPSS estimate is very low (below 1%) and the issue is not listed in the CISA KEV catalog, but neither diminishes the threat posed by an authenticated attacker obtaining remote code execution through the Configuration utility. Exploitation requires valid credentials and network access to the configuration interface, so strong authentication controls, network segmentation, and timely patching are the critical mitigations.

Generated by OpenCVE AI on May 13, 2026 at 17:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest F5 patches or upgrade to a supported BIG‑IP or BIG‑IQ version that removes the binary input handling flaw.
  • Limit access to the Configuration utility to trusted management networks and enforce multi‑factor authentication for all users who can log in.
  • Implement network segmentation and strict firewall rules so that only authorized management hosts can reach the BIG‑IP or BIG‑IQ devices, and regularly monitor logs for unusual configuration changes.

Advisories

No advisories yet.

History

Wed, 13 May 2026 18:30:00 +0000

Type: First Time appeared
Values Added: F5, F5 big-ip, F5 big-iq

Type: Vendors & Products
Values Added: F5, F5 big-ip, F5 big-iq

Wed, 13 May 2026 17:15:00 +0000

Type: Metrics (ssvc)
Values Added:
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 13 May 2026 15:15:00 +0000

Type: Description
Values Added: An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Type: Title
Values Added: BIG-IP and BIG-IQ Configuration utility vulnerability

Type: Weaknesses
Values Added: CWE-502

Type: References
Values Added: (none)

Type: Metrics (cvssV3_1)
Values Added:
{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Type: Metrics (cvssV4_0)
Values Added:
{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2026-05-14T03:56:14.099Z

Reserved: 2026-04-30T23:02:47.661Z

Link: CVE-2026-41957

Vulnrichment

Updated: 2026-05-13T16:15:32.161Z

NVD

Status: Awaiting Analysis

Published: 2026-05-13T16:16:45.867

Modified: 2026-05-13T16:27:11.127

Link: CVE-2026-41957

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T18:15:16Z

Weaknesses