CVE-2025-59269: 
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

A stored cross-site scripting (XSS) vulnerability (CVE-2025-59269) was discovered in an undisclosed page of the BIG-IP Configuration utility. The vulnerability allows an attacker to execute JavaScript code in the context of the currently logged-in user. This vulnerability affects multiple versions of F5's BIG-IP products, including versions 15.1.0-15.1.10.8, 16.1.0-16.1.6.1, 17.1.0-17.1.3, and 17.5.0-17.5.1 (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.1 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N. The vulnerability requires high privileges and user interaction to exploit, but can potentially lead to high impacts on both confidentiality and integrity, while having no impact on availability. Additionally, it received a CVSS v4.0 score of 8.4 (HIGH) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N (NVD).

If successfully exploited, the vulnerability allows attackers to execute JavaScript code in the context of the currently logged-in user, potentially leading to unauthorized access to sensitive information and manipulation of the BIG-IP Configuration utility (NVD).

F5 has released patches for affected versions and strongly urges customers to update their BIG-IP software as soon as possible. This recommendation comes as part of F5's October 2025 Quarterly Security Notification, which addresses multiple vulnerabilities (Lansweeper).

In response to this and other vulnerabilities, CISA issued Emergency Directive 26-01, requiring federal agencies to inventory F5 deployments, secure internet-exposed management interfaces, and meet specific patch implementation deadlines by October 22 and October 31, 2025 (Lansweeper).