CVE-2025-24312: 
F5 BIG-IP Virtual Edition (tier - best) vulnerability analysis and mitigation

CVE-2025-24312 affects BIG-IP AFM when provisioned with IPS module enabled and protocol inspection profile configured. The vulnerability was discovered internally by F5 and disclosed on February 5, 2025. The affected systems include BIG-IP AFM versions 17.1.0-17.1.1, 16.1.0-16.1.5, and 15.1.0-15.1.10, as well as BIG-IP Next CNF versions 1.1.0-1.3.3 (F5 Advisory).

The vulnerability is classified as CWE-770: Allocation of Resources Without Limits or Throttling. It has received a CVSS v3.1 base score of 7.5 (HIGH) and a CVSS v4.0 score of 8.7 (HIGH). The issue occurs in the data plane when undisclosed traffic causes an increase in CPU resource utilization, with no control plane exposure (F5 Advisory).

When exploited, this vulnerability can cause system performance degradation until the Traffic Management Microkernel (TMM) process is either forced to restart or requires manual restart. An unauthenticated attacker can leverage this to cause a degradation of service leading to a denial-of-service (DoS) condition on the BIG-IP system (F5 Advisory).

F5 has released fixes in version 17.1.2 for the 17.x branch, hotfix BIGIP-16.1.5.2.0.7.5-ENG.iso for 16.x branch, and hotfix BIGIP-15.1.10.6.0.11.6-ENG.iso for 15.x branch. For mitigation, F5 recommends configuring BIG-IP systems with high availability (HA) clustering and configuring the HA table to take specific actions to lessen the vulnerability's impact (F5 Advisory).