PatchSiren

CVE-2026-41959 F5 CVE debrief

CVE-2026-41959 is a HIGH-severity vulnerability affecting F5 BIG-IP and BIG-IQ TMOS Shell (tmsh) network diagnostics commands and BIG-IP iControl REST. An authenticated attacker may exploit this vulnerability to view the network status of destination systems. The vulnerability has a CVSS score of 7.1 and was published on May 13, 2026. Multiple versions of BIG-IP and BIG-IQ are affected, including those that have reached End of Technical Support (EoTS).

Vendor: F5
Product: BIG-IP
CVSS: HIGH 7.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-13
Original CVE updated: 2026-06-24
Advisory published: 2026-05-13
Advisory updated: 2026-06-24

Who should care

Organizations using F5 BIG-IP and BIG-IQ products should prioritize patching this vulnerability. Specifically, administrators of BIG-IP and BIG-IQ systems, security teams, and IT professionals responsible for network security and vulnerability management should take immediate action.

Technical summary

The vulnerability exists in BIG-IP and BIG-IQ TMOS Shell (tmsh) network diagnostics commands and BIG-IP iControl REST. An authenticated attacker with local access could potentially exploit this vulnerability to view the network status of destination systems. The CVSS score is 7.1, indicating a HIGH severity level. Multiple CPEs are affected across various versions of BIG-IP and BIG-IQ.

Defensive priority

Patching is the primary recommended action. Apply the necessary patches or updates provided by F5 to vulnerable BIG-IP and BIG-IQ systems as soon as possible.

Recommended defensive actions

  • Apply patches or updates provided by F5 to vulnerable BIG-IP and BIG-IQ systems.
  • Implement compensating controls, such as restricting access to TMOS Shell (tmsh) network diagnostics commands and monitoring for suspicious activity.
  • Conduct a thorough review of network configurations and user access to identify potential vulnerabilities.
  • Consider upgrading to versions of BIG-IP and BIG-IQ that are not vulnerable.
  • Monitor system logs and network traffic for signs of exploitation.

Evidence notes

The CVE record and NVD detail provide comprehensive information about the vulnerability, including affected versions and potential impacts. F5 has provided mitigation guidance through their support article.

This article was generated with AI assistance based on the supplied source corpus and is intended for informational purposes only.