{"id":230591,"date":"2026-03-31T04:45:00","date_gmt":"2026-03-31T08:45:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/31\/ncsc-urges-immediate-patching-of-f5-big-ip-bug\/"},"modified":"2026-04-02T22:35:22","modified_gmt":"2026-04-03T02:35:22","slug":"ncsc-urges-immediate-patching-of-f5-big-ip-bug","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/31\/ncsc-urges-immediate-patching-of-f5-big-ip-bug\/","title":{"rendered":"NCSC Urges Immediate Patching of F5 BIG-IP Bug"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ncsc-urges-immediate-patching-f5\/\">NCSC Urges Immediate Patching of F5 BIG-IP Bug<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ncsc-urges-immediate-patching-f5\/\">https:\/\/www.infosecurity-magazine.com\/news\/ncsc-urges-immediate-patching-f5\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-31 04:45:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>UK organizations have been encouraged to immediately patch a critical new vulnerability in F5\u2019s BIG-IP Access Policy Manager\u00a0(APM) product currently under active exploitation.<\/p>\n<p>The National Cyber Security Centre (NCSC) explained that it is still \u201cworking to fully understand UK impact and any potential cases of active exploitation affecting UK networks.\u201d<\/p>\n<p>It added that CVE-2025-53521 could lead to remote code execution (RCE) \u201cwhen a BIG-IP APM access policy is configured on a virtual server.\u201d<\/p>\n<p>In a security advisory, F5 explained that the flaw was originally classified as a denial-of-service vulnerability with a CVSS score of 7.5. However, \u201cdue to new information obtained in March 2026\u201d the CVE is being re-categorized as an RCE flaw with a score of 9.8.<\/p>\n<p>Read more on F5 vulnerabilities: Firms Urged to Patch as Attackers Exploit Critical F5 Bugs<\/p>\n<p>The US Cybersecurity and Infrastructure Security Agency (CISA) added the CVE to its Known Exploited Vulnerabilities (KEV) catalog and gave federal agencies up to midnight on March 30 to patch \u2013 reflecting the seriousness of the bug.<\/p>\n<p>&#8220;This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,&#8221; it said.<\/p>\n<p>F5 urged customers to consult their corporate security policy for incident handling guidelines including forensic best practices, in the event of compromise.<\/p>\n<p>\u201cMore specifically, review the policies to ensure that they comply with evidence collection and forensics procedures for a security incident before you attempt to recover the system,\u201d it added.<\/p>\n<p>\u201cAdditionally, if you do not know exactly when the system was compromised, your UCS [user configuration set] backups may have been created afterward, or both, F5 strongly recommends that you rebuild the configuration from scratch because UCS files from compromised systems can contain persistent malware.\u201d<\/p>\n<h2><strong>What F5 Customers Should Do Next<\/strong><\/h2>\n<p>The NCSC recommended F5 customers do&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ncsc-urges-immediate-patching-f5\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>NCSC Urges Immediate Patching of F5 BIG-IP Bug https:\/\/www.infosecurity-magazine.com\/news\/ncsc-urges-immediate-patching-f5\/ Publish Date: 2026-03-31 04:45:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":230592,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/0de29d96-c15d-42c8-a47d-b3033a020412.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,32,27],"class_list":["post-230591","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230591"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=230591"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230591\/revisions"}],"predecessor-version":[{"id":230593,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230591\/revisions\/230593"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/230592"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=230591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=230591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=230591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}