Every CVE whose affected-product data names F5 F5os-c, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2025-61955 — CVSS 8.8 (high): A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their…
CVE-2025-57780 — CVSS 8.8 (high): A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with local access to escalate their privileges…
CVE-2025-46265 — CVSS 8.8 (high): On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authorized with…
CVE-2025-36546 — CVSS 8.1 (high): On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled…
CVE-2002-20001 — CVSS 7.5 (high): The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not…
CVE-2025-59778 — CVSS 7.5 (high): When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple…
CVE-2022-41835 — CVSS 7.3 (high): In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local…
CVE-2023-22657 — CVSS 7.0 (high): On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file…
CVE-2025-47150 — CVSS 6.5 (medium): When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource…
CVE-2024-24966 — CVSS 6.2 (medium): When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note…
CVE-2025-43878 — CVSS 6.0 (medium): When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass…
CVE-2025-60015 — CVSS 5.7 (medium): An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption. Note: Software versions which have…
CVE-2022-41780 — CVSS 5.5 (medium): In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed…
CVE-2024-23607 — CVSS 5.5 (medium): A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the…