Summary

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog. This inclusion follows evidence of active exploitation of the flaw, identified as CVE-2025-53521.

Key Points

• CISA added CVE-2025-53521 to its KEV catalog on Friday.
• The vulnerability affects F5 BIG-IP Access Policy Manager (APM).
• CVE-2025-53521 has a CVSS v4 score of 9.3.
• The flaw allows for remote code execution (RCE) by threat actors.
• Active exploitation of this vulnerability has been observed.

Analysis

The addition of CVE-2025-53521 to CISA's KEV catalog highlights the critical nature of this vulnerability, especially given its high CVSS score of 9.3 and the potential for remote code execution. The active exploitation indicates that threat actors are already leveraging this flaw, posing significant risks to organizations using F5 BIG-IP APM.

Conclusion

IT professionals should prioritize patching systems affected by CVE-2025-53521 to mitigate the risk of exploitation. Regularly monitoring CISA's KEV catalog can help stay informed about critical vulnerabilities.