PatchSiren

CVE-2026-34019 F5 CVE debrief

CVE-2026-34019 is a medium-severity vulnerability (CVSS 6.3) affecting F5 BIG-IP products. When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD packets, which can lead to the configured routing protocol failing over. Software versions that have reached End of Technical Support (EoTS) are not evaluated.

Vendor: F5
Product: BIG-IP
CVSS: MEDIUM 6.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-13
Original CVE updated: 2026-06-29
Advisory published: 2026-05-13
Advisory updated: 2026-06-29

Who should care

Organizations running F5 BIG-IP products with BFD configured in Static and Dynamic routing protocols should be aware of this vulnerability. Versions 17.1.0-17.1.2, 17.5.0, and 16.1.0-16.1.6 are affected. F5 has published a vendor advisory covering mitigation.

Technical summary

The vulnerability exists in the Traffic Management Microkernel (TMM) when processing BFD packets. Undisclosed traffic can cause the TMM to stop processing BFD packets, leading to a failover of the configured routing protocol. The affected products include BIG-IP Access Policy Manager, BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, and others. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

Defensive priority

This vulnerability requires immediate attention. Affected organizations should review their BIG-IP configurations and apply the necessary mitigations or patches as recommended by F5.

Recommended defensive actions

  • Review BIG-IP configurations for BFD in Static and Dynamic routing protocols.
  • Apply vendor-recommended mitigations or patches.
  • Monitor Traffic Management Microkernel (TMM) performance.
  • Consider compensating controls for routing protocol security.
  • Inventory affected BIG-IP products and prioritize patching.
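
One way to carry out the configuration review and inventory steps above, as an added example that is not from F5 or the original page: the script sorts hosts by the affected version ranges listed under "Who should care" and by whether BFD is configured. The inventory records and host names are constructed, the field names are hypothetical, and comparing only the first three version components is an assumption to confirm against the F5 advisory.

```python
# Added example: triage a constructed BIG-IP inventory for CVE-2026-34019.
# Record fields (host, version, bfd_enabled) are hypothetical.

# Affected ranges as listed on this page, inclusive, as (major, minor, maintenance).
AFFECTED_RANGES = [
    ((16, 1, 0), (16, 1, 6)),
    ((17, 1, 0), (17, 1, 2)),
    ((17, 5, 0), (17, 5, 0)),
]

def parse_version(text):
    """Return the first three numeric components; later ones are ignored (assumption)."""
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts[:3])

def in_affected_range(version):
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def triage(devices):
    """Sort hosts into buckets. 'not_listed' is not 'safe': EoTS versions are not evaluated."""
    buckets = {"exposed": [], "affected_no_bfd": [], "not_listed": [], "unparsed": []}
    for host, version, bfd_enabled in devices:
        try:
            affected = in_affected_range(version)
        except ValueError:
            buckets["unparsed"].append(host)  # needs a manual version check
            continue
        if not affected:
            buckets["not_listed"].append(host)
        elif bfd_enabled:
            buckets["exposed"].append(host)  # affected version with BFD configured
        else:
            buckets["affected_no_bfd"].append(host)
    return buckets

# Constructed sample inventory (not real hosts): (host, version, bfd_enabled).
SAMPLE = [
    ("bigip-edge-01", "17.1.1", True),
    ("bigip-edge-02", "17.1.3", True),
    ("bigip-core-01", "16.1.4.2", False),
    ("bigip-lab-01", "15.1.10", True),
    ("bigip-lab-02", "unknown", True),
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the "exposed" bucket are the ones to patch or mitigate first; hosts in "not_listed" or "unparsed" still need a manual check, since this page lists no fixed versions and EoTS releases are not evaluated.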

Evidence notes

The CVE record and NVD detail provide comprehensive information about the vulnerability. F5 has released a vendor advisory (K000150508) for mitigation. The vulnerability affects multiple BIG-IP products across various versions.

This article is AI-assisted and based on the supplied source corpus.