#VU103723 Improper resource shutdown or release in BIG-IP and BIG-IP Next SPK - CVE-2025-22846


Vulnerability identifier: #VU103723

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-22846

CWE-ID: CWE-404

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BIG-IP (Hardware solutions / Firmware)
BIG-IP Next SPK (Operating systems & Components / Operating system)

Vendor: F5 Networks

Description

The vulnerability allows a remote, unauthenticated attacker to perform a denial of service (DoS) attack against the affected device.

The vulnerability exists due to improper release of internal resources (CWE-404) when both a Session Initiation Protocol (SIP) application layer gateway (ALG) profile and a SIP router ALG profile are configured on a Message Routing type virtual server. A remote attacker can send specially crafted traffic to such a virtual server to exhaust those resources and cause a denial of service. The vulnerable condition is the profile combination itself: a device that runs an affected version but has no Message Routing virtual server carrying both profiles is not exposed. The specific triggering traffic is not described in this advisory, and no public exploit is known.

Mitigation
Upgrade to a fixed version listed in the vendor advisory (F5 article K000139780, linked below). Because the vulnerable condition requires both a SIP ALG profile and a SIP router ALG profile on a Message Routing virtual server, inventory virtual servers for that combination first and prioritise the upgrade of devices where it is present, especially where the virtual server is reachable from untrusted networks.

Vulnerable software versions

BIG-IP: 15.0.0 - 15.0.1.4, 15.1.0 - 15.1.10.6.0.11, 16.0.0 - 16.0.1.2, 16.1.0 - 16.1.4.3, 17.0.0 - 17.0.0.2, 17.1.0 - 17.1.1.4

BIG-IP Next SPK: 1.7.0 - 1.9.0
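As an added example that is not part of this advisory and is not F5's own tooling: the script below checks a reported software version against the affected ranges listed on this page and flags virtual servers that match the vulnerable configuration (Message Routing type, with both a SIP ALG profile and a SIP router ALG profile). The version ranges are copied from this page and treated as inclusive at both ends; versions outside every listed range are reported as not affected, which is what this page states but should be confirmed against the vendor article. The inventory format (the `type` and profile labels `sip-alg` / `sip-router-alg`) is a hypothetical normalised representation, not a BIG-IP export format: you map it from your own configuration dump. The sample inventory and version strings are constructed for illustration. Hotfix-style suffixes such as `17.1.1.4-0.0.1` are an assumed format and are reduced to their base version, which is conservative, since an engineering hotfix may already contain the fix.

```python
import re

# Affected version ranges exactly as listed in this advisory (both ends inclusive).
AFFECTED_RANGES = {
    "BIG-IP": [
        ("15.0.0", "15.0.1.4"),
        ("15.1.0", "15.1.10.6.0.11"),
        ("16.0.0", "16.0.1.2"),
        ("16.1.0", "16.1.4.3"),
        ("17.0.0", "17.0.0.2"),
        ("17.1.0", "17.1.1.4"),
    ],
    "BIG-IP Next SPK": [("1.7.0", "1.9.0")],
}

# Hypothetical normalised labels for the inventory; map your own config export onto these.
MESSAGE_ROUTING = "message-routing"
SIP_ALG = "sip-alg"
SIP_ROUTER_ALG = "sip-router-alg"


def parse_version(text):
    """Turn '17.1.1.4' (or an assumed hotfix-style '17.1.1.4-0.0.1') into a tuple of
    ints. Only the leading dotted-numeric prefix is used; suffixes are ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def compare_versions(a, b):
    """Return -1, 0 or 1. Tuples of different length are zero-padded, so
    15.1.10.6 sorts below 15.1.10.6.0.11 and 17.1.1 equals 17.1.1.0."""
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def version_is_affected(product, version):
    """True if version lies inside any affected range listed for the product."""
    v = parse_version(version)
    for low, high in AFFECTED_RANGES.get(product, []):
        low_ok = compare_versions(parse_version(low), v) <= 0   # low <= v
        high_ok = compare_versions(v, parse_version(high)) <= 0  # v <= high
        if low_ok and high_ok:
            return True
    return False


def exposed_virtual_servers(virtuals):
    """Names of virtual servers that match the vulnerable condition: a Message
    Routing type virtual server carrying BOTH a SIP ALG profile and a SIP
    router ALG profile. Either profile alone, or another virtual server type,
    does not match."""
    return [
        vs["name"]
        for vs in virtuals
        if vs.get("type") == MESSAGE_ROUTING
        and SIP_ALG in vs.get("profiles", ())
        and SIP_ROUTER_ALG in vs.get("profiles", ())
    ]


def assess(product, version, virtuals):
    """Combine the version check and the configuration check into one verdict."""
    affected = version_is_affected(product, version)
    exposed = exposed_virtual_servers(virtuals) if affected else []
    if not affected:
        action = "version not in an affected range"
    elif not exposed:
        action = "affected version, but no virtual server matches the vulnerable configuration; schedule the upgrade"
    else:
        action = "upgrade now; exposed virtual servers: " + ", ".join(exposed)
    return {"version_affected": affected, "exposed": exposed, "action": action}


# Constructed sample inventory (not real device output).
SAMPLE_VIRTUALS = [
    {"name": "vs_sip_mrf", "type": "message-routing", "profiles": ["sip-alg", "sip-router-alg", "tcp"]},
    {"name": "vs_sip_standard", "type": "standard", "profiles": ["sip-alg", "tcp"]},
    {"name": "vs_mrf_router_only", "type": "message-routing", "profiles": ["sip-router-alg"]},
]

if __name__ == "__main__":
    # Constructed version strings chosen to sit on, inside and just past the range edges.
    for product, version in [("BIG-IP", "17.1.1.4"), ("BIG-IP", "17.1.2"),
                             ("BIG-IP", "15.1.10.6"), ("BIG-IP Next SPK", "1.8.0")]:
        print(product, version, assess(product, version, SAMPLE_VIRTUALS))
```

The version comparison pads shorter tuples with zeros rather than comparing strings, which matters here because the page lists ranges of different depth (17.1.1.4 versus 15.1.10.6.0.11): a naive string comparison would put "15.1.10.6" after "15.1.10.6.0.11" and miss an affected build.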


External links
https://my.f5.com/manage/s/article/K000139780


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote, unauthenticated attacker via the Internet, provided the vulnerable combination (a SIP ALG profile and a SIP router ALG profile on a Message Routing type virtual server) is configured and the virtual server is reachable from the attacker's network.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

