{"id":10443,"date":"2026-02-06T10:06:01","date_gmt":"2026-02-06T10:06:01","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/06\/f5-patches-critical-vulnerabilities-in-big-ip-nginx-and-related-products\/"},"modified":"2026-02-06T10:06:01","modified_gmt":"2026-02-06T10:06:01","slug":"f5-patches-critical-vulnerabilities-in-big-ip-nginx-and-related-products","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/06\/f5-patches-critical-vulnerabilities-in-big-ip-nginx-and-related-products\/","title":{"rendered":"F5 Patches Critical Vulnerabilities in BIG-IP, NGINX, and Related Products"},"content":{"rendered":"

F5 Patches Critical Vulnerabilities in BIG-IP, NGINX, and Related Products
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

F5 released its February 2026 Quarterly Security Notification on February 4, announcing several medium and low-severity CVEs, plus a security exposure affecting BIG-IP, NGINX, and container services.<\/p>\n

These issues primarily stem from denial-of-service (DoS) risks and configuration weaknesses, potentially disrupting high-traffic environments like web application firewalls<\/a> (WAF) and Kubernetes ingress.<\/p>\n

While no active exploits are reported, prompt patching is urged for internet-facing deployments to mitigate DoS chains or unauthorized access.<\/p>\n

F5 provides CVSS v3.1 and v4.0 scores for first-party issues, emphasizing attack vector, privileges, and impact. A live briefing video is available via DevCentral. Details link to F5\u2019s knowledge base.<\/p>\n

These three flaws pose moderate DoS threats, with CVSS scores up to 8.2 (v4.0). Attackers could overwhelm services remotely.<\/p>\n

\n\n\n\n\n\n\n\n
Article (CVE)<\/th>\nCVSS v3.1 \/ v4.0<\/th>\nAffected Products<\/th>\nAffected Versions<\/th>\nFixes Introduced In<\/th>\n<\/tr>\n<\/thead>\n
K000158072: BIG-IP Advanced WAF\/ASM (CVE-2026-22548)<\/a><\/td>\n5.9 \/ 8.2<\/td>\nBIG-IP Advanced WAF\/ASM<\/td>\n17.1.0 \u2013 17.1.2<\/td>\n17.1.3<\/td>\n<\/tr>\n
K000159824: NGINX (CVE-2026-1642)<\/a><\/td>\n5.9 \/ 8.2<\/td>\nNGINX Plus (R32-R36 P1), Open Source (1.3.0-1.29.4), Ingress Controller (5.3.0-5.3.2; 4.0.0-4.0.1; 3.4.0-3.7.1), Gateway Fabric (2.0.0-2.4.0; 1.2.0-1.6.2), Instance Manager (2.15.1-2.21.0)<\/td>\nR36 P2, R35 P1, R32 P4; 1.29.5, 1.28.2; None; None; None<\/td>\n<\/td>\n<\/tr>\n
K000157960: BIG-IP CIS (CVE-2026-22549)<\/a><\/td>\n4.9 \/ 6.9<\/td>\nBIG-IP Container Ingress Services (Kubernetes\/OpenShift)<\/td>\n2.0.0-2.20.1; 1.0.0-1.14.0<\/td>\n2.20.2; 2.20.1 (Helm 0.0.363)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Impact Assessment<\/strong>: CVE-2026-1642 affects the broadest NGINX ecosystem, enabling network-adjacent DoS via crafted requests. WAF\/ASM and CIS flaws target F5\u2019s containerized services, risking outages in hybrid clouds.<\/p>\n

Lower-risk issues focus on local or adjacent attacks.<\/p>\n

\n\n\n\n\n\n\n
Article (CVE)<\/th>\nCVSS v3.1 \/ v4.0<\/th>\nAffected Products<\/th>\nAffected Versions<\/th>\nFixes Introduced In<\/th>\n<\/tr>\n<\/thead>\n
K000158931: BIG-IP Edge Client (CVE-2026-20730)<\/a><\/td>\n3.3 \/ 2.0<\/td>\nBIG-IP APM (21.0.0; 17.5.0-17.5.1; etc.); APM Clients<\/td>\n17.1.3.13; 7.2.6.2<\/td>\n17.1.3.13<\/sup>, 7.2.6.2<\/td>\n<\/tr>\n
K000156644: BIG-IP Config Utility (CVE-2026-20732)<\/a><\/td>\n3.1 \/ 2.3<\/td>\nBIG-IP (all modules)<\/td>\n17.5.1.4; 17.1.3.1<\/td>\n17.5.1.4
17.1.3.1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Notes<\/strong>: Edge Client requires Component Update enabled post-upgrade. Config utility flaw allows local privilege escalation.<\/p>\n

Security Exposures<\/h2>\n
\n\n\n\n\n\n
Article<\/th>\nAffected Products<\/th>\nAffected Versions<\/th>\nFixes Introduced In<\/th>\n<\/tr>\n<\/thead>\n
K000156643: BIG-IP SMTP Config<\/a><\/td>\nBIG-IP (all modules)<\/td>\n21.0.0; 17.5.0-17.5.1; etc.<\/td>\n21.0.0.1; 17.5.1.4; 17.1.3.1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

This exposure risks SMTP misconfigurations leading to relay abuse.<\/p>\n

Prioritize medium CVEs in NGINX-heavy setups. Scan for affected versions (pre-EoTS only), apply fixes via iHealth or Helm for CIS. Test in staging to avoid disruptions. Monitor the Medium, Low, and Exposures pages. F5\u2019s CVSS v4.0 shift aids precise risk scoring, see K000140363<\/a>.<\/p>\n

Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n

The post F5 Patches Critical Vulnerabilities in BIG-IP, NGINX, and Related Products<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Guru Baran
\n \t

\n
<\/BR>
\nGo to cyber-security-news<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

F5 Patches Critical Vulnerabilities in BIG-IP, NGINX, and Related Products F5 released its February 2026 Quarterly Security Notification on February 4, announcing several medium and low-severity CVEs, plus a security exposure affecting BIG-IP, NGINX, and container services. These issues primarily stem from denial-of-service (DoS) risks and configuration weaknesses, potentially disrupting high-traffic environments like web application […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-10443","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10443"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10443"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10443\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}