CVE-2025-52585

When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name	Vendor	Start Version	End Version
Big-ip_access_policy_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_advanced_firewall_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_advanced_web_application_firewall	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_analytics	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_application_acceleration_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_application_security_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_application_visibility_and_reporting	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_automation_toolchain	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_carrier-grade_nat	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_container_ingress_services	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_ddos_hybrid_defender	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_domain_name_system	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_edge_gateway	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_fraud_protection_service	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_global_traffic_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_link_controller	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_local_traffic_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_policy_enforcement_manager	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_ssl_orchestrator	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_webaccelerator	F5	15.1.0 (including)	15.1.10.8 (excluding)
Big-ip_websafe	F5	15.1.0 (including)	15.1.10.8 (excluding)

Potential Mitigations

References

https://my.f5.com/manage/s/article/K000141436

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-52585
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References