F5 Reclassifies BIG-IP APM Vulnerability to Critical RCE Flaw as Active Exploitation Detected

F5 has reclassified a previously identified BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw. Attackers are actively exploiting this vulnerability to deploy webshells on unpatched F5 BIG-IP devices. The reclassification indicates a heightened risk, though no specific CVE ID, technical details, or dates for the initial disclosure or exploitation were provided. The flaw affects F5 BIG-IP systems, with the primary impact being unauthorized remote code execution. Organizations using these devices are at risk of compromise if patches are not applied.