CVE-2026-32643 F5 CVE debrief

Who should care

Organizations using BIG-IP and BIG-IQ systems, particularly those with highly privileged authenticated users, should be aware of this vulnerability. The vulnerability's impact could be significant due to its high CVSS score of 8.5 and the potential for arbitrary command execution.

Technical summary

The vulnerability exists due to improper validation of configuration objects in BIG-IP and BIG-IQ systems. An attacker with at least the Certificate Manager role can exploit this vulnerability to execute arbitrary commands. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

Defensive priority

This vulnerability has a high CVSS score of 8.5, indicating a high severity. Organizations should prioritize patching or mitigating this vulnerability as soon as possible.

Recommended defensive actions

• Review and apply patches provided by F5 for affected BIG-IP and BIG-IQ systems.
• Restrict access to highly privileged roles like Certificate Manager.
• Monitor systems for suspicious activity indicating potential exploitation.
• Consider implementing compensating controls for systems that cannot be patched immediately.
• Verify the integrity of configuration objects and system files.
• Enhance logging and monitoring to detect potential command execution attempts.

Evidence notes

The CVE record and NVD detail provide comprehensive information about the vulnerability, including its description, CVSS score, and affected versions. A mitigation or vendor reference is available from F5.

Official resources