Cyber Posture

CVE-2025-24326

High

Published: 05 February 2025

Modified: 08 August 2025
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0048 (65.1st percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Security Summary

CVE-2025-24326 affects the BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature when configured. Undisclosed traffic can cause an increase in memory resource utilization, potentially leading to denial of service. The vulnerability, published on 2025-02-05, has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-787.

Remote, unauthenticated attackers with network access to the affected virtual server can exploit the vulnerability: the attack complexity is low and no privileges or user interaction are required. Exploitation causes a high-impact availability disruption through memory exhaustion; confidentiality and integrity are not affected.

The F5 advisory at https://my.f5.com/manage/s/article/K000140950 provides details on mitigations. Note that software versions which have reached End of Technical Support (EoTS) are not evaluated.

Details

CWE(s)
CWE-787

Affected Products

F5 BIG-IP Application Security Manager: 15.1.0 to 15.1.10.6.0.11.6-ENG, 16.1.0 to 16.1.5, 17.1.0 to 17.1.2

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The vulnerability in BIG-IP Advanced WAF/ASM allows remote, unauthenticated attackers to send undisclosed traffic that causes memory exhaustion and denial of service, which maps directly to application or system exploitation as a means of endpoint denial of service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References