The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution.
"When a BIG-IP ...
The strongest version of this narrative highlights a critical shift in threat severity—from a manageable DoS vulnerability to an actively exploited RCE flaw. CISA’s KEV listing and F5’s updated advisory provide credible evidence of in-the-wild exploitation, reinforcing the urgency for patching. The inclusion of specific indicators of compromise (IOCs) and observed attacker tactics (e.g., memory-resident webshells) adds technical depth, while the federal mandate for remediation underscores the sy...