Critical F5 BIG-IP APM Vulnerability Exploited in the Wild

A critical vulnerability in F5 BIG-IP Access Policy Manager (APM), tracked as CVE-2025-53521, has been assigned a severity score of 9.8 and classified as a remote code execution (RCE) flaw. The vulnerability is actively being exploited in the wild, though no specific timeline for exploitation was provided. The flaw affects F5 BIG-IP systems, though exact versions or configurations were not detailed. No attribution to threat actors or geographic targeting was mentioned. The impact includes potential unauthorized system access and control due to the RCE capability. Organizations are advised to apply patches and review indicators of compromise (IoCs).