What is the severity of CVE-2025-36546?

CVE-2025-36546 is classified as a high-severity vulnerability due to the potential unauthorized SSH access it allows.

How do I fix CVE-2025-36546?

To mitigate CVE-2025-36546, disable SSH key-based authentication for root users when appliance mode is enabled.

What systems are affected by CVE-2025-36546?

CVE-2025-36546 affects F5 F5OS-A versions from 1.5.1 to 1.5.2 and F5 F5OS-C versions from 1.6.0 to 1.6.2.

What is the impact of CVE-2025-36546?

If exploited, CVE-2025-36546 allows attackers with access to the private key to gain unauthorized SSH access to the F5OS system.

Who is responsible for fixing CVE-2025-36546 in affected systems?

It is the responsibility of system administrators to implement the necessary configurations to mitigate CVE-2025-36546.

Vulnerability/
CVE-2025-36546

critical

9.2

CWE

863

7/5/2025

8/5/2025

CVE-2025-36546: F5OS Appliance Mode vulnerability

First published: Wed May 07 2025(Updated: )

On an F5OS system, if the root user configures the system to allow login using SSH key-based authentication and later enables appliance mode, the system still allows access using SSH key-based authentication. For an attacker to exploit this vulnerability they must obtain possession of a private key corresponding to a previously-configured entry in root's SSH authorized_keys file.

Credit: f5sirt@f5.com

Affected Software	Affected Version	How to fix
F5 F5OS	>=1.5.1<=1.5.2	1.8.01.5.3
F5 F5OS	>=1.6.0<=1.6.2	1.8.0

Never miss a vulnerability like this again

Reference Links

https://my.f5.com/manage/s/article/K000140574

Frequently Asked Questions

What is the severity of CVE-2025-36546?
CVE-2025-36546 is classified as a high-severity vulnerability due to the potential unauthorized SSH access it allows.
How do I fix CVE-2025-36546?
To mitigate CVE-2025-36546, disable SSH key-based authentication for root users when appliance mode is enabled.
What systems are affected by CVE-2025-36546?
CVE-2025-36546 affects F5 F5OS-A versions from 1.5.1 to 1.5.2 and F5 F5OS-C versions from 1.6.0 to 1.6.2.
What is the impact of CVE-2025-36546?
If exploited, CVE-2025-36546 allows attackers with access to the private key to gain unauthorized SSH access to the F5OS system.
Who is responsible for fixing CVE-2025-36546 in affected systems?
It is the responsibility of system administrators to implement the necessary configurations to mitigate CVE-2025-36546.

collector/f5-advisory
source/F5
alias/CVE-2025-36546
agent/software-canonical-lookup
agent/references
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/title
agent/weakness
agent/description
agent/type
collector/nvd-api
source/NVD
agent/last-modified-date
agent/severity
agent/source
agent/author
agent/tags
agent/event
vendor/f5
canonical/f5 f5os
version/f5 f5os/1.5.1
version/f5 f5os/1.5.2
version/f5 f5os/1.6.0
version/f5 f5os/1.6.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.