CVE-2025-43878

MEDIUM 6.0

F5OS-A/C CLI vulnerability

CVSS Score

6.0

EPSS Score

0.0%

EPSS Percentile

0th

When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CWE	CWE-149 CWE-1286
Vendor	f5
Product	f5os - appliance
Published	May 7, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for f5 f5os - appliance

Be the first to know when new medium vulnerabilities affecting f5 f5os - appliance are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Affected Versions

F5 / F5OS - Appliance

1.5.1 < 1.8.0

F5 / F5OS - Chassis

1.6.0 < 1.8.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

my.f5.com: https://my.f5.com/manage/s/article/K000139502

CVE-2025-43878

F5OS-A/C CLI vulnerability

Get instant alerts for f5 f5os - appliance

CVSS v3 Breakdown

Affected Versions

References

Credits