Storyline
CISA adds critical F5 BIG-IP APM vulnerability CVE-2025-53521 to known exploited catalog amid active attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-53521, a critical remote code execution vulnerability in F5 BIG-IP Access Policy Manager (APM), to its Known Exploited Vulnerabilities (KEV) catalog following evidence of active exploitation.
Evidence locked
Today's free sample is only available for the edition's flagship storyline.
No card needed for the free brief.
Evidence preview
- The Hacker News - CISA adds CVE-2025-53521 to KEV after active exploitationthehackernews.com
- Help Net Security - Attackers exploiting RCE vulnerability in BIG-IP APM systems...helpnetsecurity.com
- K000156741: F5 BIG-IP APM vulnerability CVE-2025-53521 - from October - K000160486: Indicators of Compromise for c05d...blueteamsec