Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53860

A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive FIPS hardware security module (HSM) information on F5 rSeries systems. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published

2025-10-15T16:15:34.513

Last Modified

2025-10-21T12:01:49.797

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-214
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	f5	f5os-a	< 1.5.3	Yes
Operating System	f5	f5os-a	1.8.0	Yes
Hardware	f5	r10920-df	-	No
Hardware	f5	r5920-df	-	No

References

https://my.f5.com/manage/s/article/K000148625 Vendor Advisory ([email protected])