PatchSiren cyber security CVE debrief

CVE-2026-40703 F5 CVE debrief

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. This vulnerability, tracked as CVE-2026-40703, has a CVSS score of 5.3 and is considered medium severity. The vulnerability affects various versions of BIG-IP products, including BIG-IP Access Policy Manager, BIG-IP Advanced Firewall Manager, and others. Software versions that have reached End of Technical Support (EoTS) are not evaluated. F5 has provided mitigation guidance for this issue.

Vendor: F5
Product: BIG-IP
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-13
Original CVE updated: 2026-06-24
Advisory published: 2026-05-13
Advisory updated: 2026-06-24

Who should care

Organizations using affected BIG-IP products should prioritize patching or applying mitigations. Specifically, administrators of the BIG-IP Configuration utility should be aware of the potential for CSRF attacks against its dashboard and take steps to protect their systems. Security teams should review their inventory of BIG-IP products and ensure that the necessary patches or workarounds are applied.

Technical summary

CVE-2026-40703 is a CSRF vulnerability in the dashboard of the BIG-IP Configuration utility. An attacker could exploit it by tricking an authenticated user's browser into submitting a request that performs unintended actions on the BIG-IP system. The root cause is inadequate protection against CSRF in the BIG-IP Configuration utility. Affected products include BIG-IP Access Policy Manager, BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, and others. The CVSS v4.0 vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
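To make the "inadequate protection against CSRF" point concrete, the following is an added example written for this debrief; it is not F5 code and says nothing about how the BIG-IP dashboard is actually implemented. It models a toy management-dashboard endpoint that changes a setting: first with the weakness (authorising the write on the session cookie alone) and then with the two standard defences a reviewer would look for, a per-session synchronizer token plus an Origin/Sec-Fetch-Site check. The host name, path, form fields and header values are all constructed for illustration.

```python
"""Added example, not code from F5 or the BIG-IP product: a toy dashboard
state-change endpoint without CSRF protection, then with a synchronizer token
and an Origin/Sec-Fetch-Site check. Names, paths and values are constructed."""
import hmac
import secrets
from dataclasses import dataclass, field

# Origin of the hypothetical management interface (assumption, not a real host).
SITE_ORIGIN = "https://bigip-mgmt.example.internal"


@dataclass
class Request:
    """Minimal HTTP request as a framework would hand it to a handler."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)


# session id -> session record. The CSRF token is minted with the session, so a
# foreign origin can make the browser send the cookie but cannot read the token.
SESSIONS: dict = {}


def login(user: str) -> str:
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return sid


def vulnerable_handler(req: Request, settings: dict):
    """Authorises the write on the session cookie alone. The browser attaches the
    cookie to every request it sends to this host, including requests another
    site caused it to send, so the cookie proves nothing about who initiated it."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "unauthenticated"
    if req.method == "POST" and req.path == "/dashboard/setting":
        settings[req.form["key"]] = req.form["value"]
        return 200, "updated"
    return 404, "not found"


def hardened_handler(req: Request, settings: dict):
    """Same endpoint with CSRF defences layered in front of the write."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "unauthenticated"
    if req.method != "POST" or req.path != "/dashboard/setting":
        return 404, "not found"
    # Defence 1: browsers set Origin on cross-site POSTs and Sec-Fetch-Site on
    # fetches; anything but our own origin is rejected outright. Absent headers
    # (older clients) fall through to the token check, never to "trusted".
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-origin request rejected"
    fetch_site = req.headers.get("Sec-Fetch-Site")
    if fetch_site is not None and fetch_site not in ("same-origin", "none"):
        return 403, "cross-site fetch rejected"
    # Defence 2: synchronizer token. Only a page served from our origin can read
    # the session's token and embed it; constant-time compare avoids timing leaks.
    supplied = req.form.get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), sess["csrf_token"].encode()):
        return 403, "missing or invalid csrf token"
    settings[req.form["key"]] = req.form["value"]
    return 200, "updated"


def demo():
    """Run one legitimate and one cross-site request against each handler and
    return {handler name: {"legit": status, "forged": status, "final_syslog_server": value}}."""
    sid = login("admin")
    token = SESSIONS[sid]["csrf_token"]
    cookie = {"sid": sid}
    # Constructed: the request the dashboard's own page would issue.
    legit = Request("POST", "/dashboard/setting",
                    headers={"Origin": SITE_ORIGIN, "Sec-Fetch-Site": "same-origin"},
                    form={"key": "syslog_server", "value": "10.0.0.5", "csrf_token": token},
                    cookies=cookie)
    # Constructed: the same POST as the browser sends it when another origin's
    # page submitted it: the cookie rides along, the token does not.
    forged = Request("POST", "/dashboard/setting",
                     headers={"Origin": "https://third-party.example", "Sec-Fetch-Site": "cross-site"},
                     form={"key": "syslog_server", "value": "203.0.113.9"},
                     cookies=cookie)
    results = {}
    for name, handler in (("vulnerable", vulnerable_handler), ("hardened", hardened_handler)):
        settings = {"syslog_server": "10.0.0.1"}
        results[name] = {
            "legit": handler(legit, settings)[0],
            "forged": handler(forged, settings)[0],
            "final_syslog_server": settings["syslog_server"],
        }
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

Running `demo()` shows the vulnerable handler accepting both requests (the setting ends up at the forged value), while the hardened handler still accepts the legitimate one and rejects the forged one with 403 before any state changes. The two defences are deliberately independent: the Origin/Sec-Fetch-Site check stops the request cheaply at the edge, and the token check still holds for clients that send neither header.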

Defensive priority

Apply the patches or mitigations provided by F5 as soon as possible. Review the BIG-IP product inventory and ensure the necessary patches or workarounds are applied.

Recommended defensive actions

  • Apply patches or mitigations provided by F5.
  • Review BIG-IP product inventory and ensure necessary patches or workarounds are applied.
  • Monitor BIG-IP systems for suspicious activity.
  • Implement additional security controls, such as web application firewalls, to detect and prevent CSRF attacks.
  • Educate administrators on the risks of CSRF attacks and the importance of patching and mitigation.

Evidence notes

The CVE record and the NVD detail page provide information on the vulnerability and its impact. F5 has provided mitigation guidance for this issue. The vulnerability affects various versions of BIG-IP products; versions that have reached End of Technical Support (EoTS) were not evaluated.

Official resources

This article was generated with AI assistance based on the supplied source corpus.