CVE-2025-23415

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Feb 5, 2025

CWE ID 345

Summary

CVE-2025-23415 is a newly disclosed vulnerability affecting BIG-IP APM's Access Policy endpoint inspection. This issue stems from insufficient data authenticity checks, enabling attackers to bypass endpoint inspection for VPN connections established via BIG-IP APM's browser network access client for Windows, macOS, and Linux. Successful exploitation could potentially allow unauthorized access to network resources. It is important to note that only software versions still under technical support are under evaluation for this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2rdq3M
https://www.cve.org/CVERecord?id=CVE-2025-23415
https://nvd.nist.gov/vuln/detail/CVE-2025-23415

Back to Vulnerability Database

CVE-2025-23415

CVSS 3.1 Score 3.1 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations