{"uuid": "2c8249b3-5391-4d17-ac4a-ef7b2ef3f258", "vulnerability": {"vulnId": "CVE-2025-53521", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "2c8249b3-5391-4d17-ac4a-ef7b2ef3f258"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2026-03-27T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2026-03-27T00:00:00Z", "recorded_at": "2026-03-27T20:00:01Z", "first_seen_at": "2026-03-27T00:00:00Z"}, "scope": {"notes": "KEV entry: F5 BIG-IP Unspecified Vulnerability | Affected: F5 / BIG-IP | Description: F5 BIG-IP AMP contains an unspecified vulnerability that could allow a threat actor to achieve remote code execution. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-03-30 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): Please adhere to F5\u2019s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": [], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "BIG-IP", "due_date": "2026-03-30", "date_added": "2026-03-27", "vendorProject": "F5", "vulnerabilityName": "F5 BIG-IP Unspecified Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2025-53521", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-53521"}]}