This alert is intended for network and infrastructure teams, SOC analysts, and system administrators managing F5 products.
Background
F5 have released an advisory regarding a cyber security incident that has affected certain F5 systems with recommendation on what customers can do to help protect themselves.
In addition to this advisory, F5 has issued its October 2025 quarterly security notification summarising multiple critical vulnerabilities identified across its product portfolio. The notification details newly discovered and previously unresolved issues affecting multiple F5 platforms. The advisory provides a coordinated patch release to help customers maintain secure and supported versions across all F5 environments.
Mitigation advice
Organisations operating F5 BIG-IP, BIG-IP Next, F5OS-A/C, or Silverline devices running versions listed in the advisory. Affected builds include major releases 15.x through 17.x, as well as Next SPK, CNF, and Kubernetes versions.
ASD’s ACSC recommends affected organisations:
- Review F5 article K000154696: F5 Security Incident for recommended actions.
- Review F5 article K000156572: Quarterly Security Notification (October 2025) for affected versions and patch levels.
- Review the updated F5 article K67091411: Guidance for Quarterly Security Notifications.
- Apply the recommended fixed versions or engineering hotfixes listed in the table.
- For appliances at end of technical support (EoTS), upgrade to supported devices.
Monitor for updates and subscribe to F5 security advisories.
Where to get help
Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371).