CVE-2025-59781: 
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

CVE-2025-59781 is a high-severity vulnerability affecting F5's BIG-IP and BIG-IP Next CNF virtual server systems when DNS cache is configured. The vulnerability was discovered and disclosed on October 15, 2025, affecting multiple versions of F5's products including BIG-IP versions 15.1.0 through 17.1.2.2. This vulnerability received a CVSS v3.1 base score of 7.5 (High) and a CVSS v4.0 score of 8.7 (High) (NVD, GBHackers).

The vulnerability occurs when DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, where undisclosed DNS queries can trigger an increase in memory resource utilization. The issue has been classified under CWE-459 (Incomplete Cleanup) and affects multiple BIG-IP modules including Access Policy Manager, Policy Enforcement Manager, SSL Orchestrator, and various other components across versions 15.1.x, 16.1.x, and 17.1.x (NVD).

When exploited, this vulnerability can lead to increased memory resource consumption in affected systems, potentially impacting system performance and availability. The high severity rating and CVSS scores indicate significant potential impact on system resources (NVD, GBHackers).

F5 has released patches for affected versions and strongly recommends immediate updates across all affected systems. The fixes are available in the October 2025 Quarterly Security Notification. Organizations should prioritize patch deployment based on their specific product configurations and deployment scenarios (Lansweeper, GBHackers).

Following the disclosure, CISA issued Emergency Directive 26-01, requiring federal agencies to inventory F5 deployments, secure internet-exposed management interfaces, and meet specific patch implementation deadlines by October 22 and October 31, 2025. The directive also mandates an inventory report submission by October 29, 2025 (Lansweeper).