CVE-2025-59778: CWE-770 Allocation of Resources Without Limits or Throttling in F5 F5OS - Chassis
When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple containers to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
AI Analysis
Technical Summary
CVE-2025-59778 affects F5OS - Chassis (F5OS-C) versions 1.6.0 and 1.8.0. The flaw lies in the Allowed IP Addresses feature on the F5OS-C partition control plane: when that feature is configured, the control plane does not bound the resources it commits in response to certain traffic that F5 has not disclosed. The weakness is classified as CWE-770 (Allocation of Resources Without Limits or Throttling). Under that traffic, multiple containers on the partition terminate, which disrupts normal operation of the chassis and amounts to a denial of service (DoS). Because F5 does not describe the triggering traffic, defenders cannot currently write a filter for it specifically.

The CVSS v3.1 base score is 7.5 (High): network attack vector, low attack complexity, no privileges required, no user interaction, and impact on availability only, with no confidentiality or integrity impact. No public exploit is known and no patch is linked on this page. F5 notes that versions that have reached End of Technical Support (EoTS) were not evaluated, so those should be treated as unassessed rather than unaffected. Because F5OS chassis typically sit at the core of data-center and enterprise networks, where availability is paramount, an availability loss on the control plane carries significant operational weight, and organizations on the affected versions should plan an upgrade or apply mitigations.
Potential Impact
The primary impact of CVE-2025-59778 is a denial of service caused by the forced termination of multiple containers on the F5OS-C partition control plane. This can disrupt the traffic management, load balancing, and security functions the chassis provides, leading to outages or degraded performance in critical network environments and interrupting services that depend on the affected partition. The vulnerability does not compromise confidentiality or integrity, but availability is the property that matters most for a network infrastructure device. Per the CVSS vector, no authentication or user interaction is required and attack complexity is low, so any attacker with network reach to the affected control plane can trigger the condition. No exploitation in the wild is known at present, which limits the immediate threat but not the urgency of remediation, given how widely F5OS chassis are deployed. The impact is especially significant for large enterprises, service providers, and government agencies that rely on F5OS chassis for secure and reliable network operations.
Mitigation Recommendations
To mitigate CVE-2025-59778, first verify whether your F5OS chassis devices run version 1.6.0 or 1.8.0 and whether the Allowed IP Addresses feature is configured on the F5OS-C partition control plane; only that combination is exposed as described. If feasible, disable the Allowed IP Addresses feature until a fix is available. Note the trade-off: that feature is itself a source-IP allowlist for control-plane access, so removing it widens exposure of the control plane unless equivalent filtering is applied upstream. Use network segmentation and access control lists (ACLs) on upstream devices to restrict which sources can reach the control plane, which limits exposure to the undisclosed traffic regardless of whether the on-box feature stays enabled. Monitor and alert on unusual container terminations or control-plane instability; a burst of several distinct containers exiting within a short window is the signature this advisory describes and gives early warning of exploitation attempts. Engage F5 support for available patches or recommended configuration changes, and plan an upgrade to a supported, fixed version of F5OS, especially since versions that have reached End of Technical Support are not evaluated and should be assumed vulnerable. Rate limiting or traffic shaping at upstream network devices can reduce the risk of resource exhaustion. Regular vulnerability assessments and penetration testing focused on network infrastructure devices help identify and remediate similar risks proactively.
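The following is an added example, not F5's code and not part of the original advisory. It shows the two checks above in working form: an exposure test against the versions this page names, and a sliding-window detector that alerts when several distinct containers on one partition exit within a short period. The log line format, partition names, and container names (svc-alpha and so on) are constructed for illustration and are assumptions; F5OS emits its own log formats, so parse_line() must be adapted to the real source before use.

```python
"""Added example (not F5's code, not from this page): exposure triage for
CVE-2025-59778 plus a detector for bursts of container terminations.
The log format and container names below are constructed for illustration;
F5OS emits its own formats, so adapt parse_line() to the real source."""
import re
from collections import deque
from datetime import datetime, timedelta

# Only the versions the advisory names; other versions are not asserted safe here.
AFFECTED_VERSIONS = {"1.6.0", "1.8.0"}


def is_exposed(version: str, allowed_ips_configured: bool) -> bool:
    """Exposure needs both an affected F5OS-C version and the Allowed IP
    Addresses feature configured on the partition control plane."""
    return version in AFFECTED_VERSIONS and allowed_ips_configured


# Constructed line format (assumption, NOT the real F5OS log format):
# "<ISO-8601 ts> partition=<name> container=<name> event=<exited|started> [code=<n>]"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) partition=(?P<partition>\S+) container=(?P<container>\S+) "
    r"event=(?P<event>\S+)(?: code=(?P<code>-?\d+))?$"
)


def parse_line(line: str):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def find_termination_bursts(lines, window_seconds=60, threshold=3):
    """Alert when >= `threshold` DISTINCT containers exit within `window_seconds`
    on one partition. Counting distinct containers (not exit events) keeps a
    single crash-looping container from triggering; several unrelated
    containers dying together is the signature this CVE describes.
    Returns a list of (partition, window_start, sorted container names)."""
    windows = {}   # partition -> deque of (timestamp, container)
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["event"] != "exited":
            continue
        q = windows.setdefault(ev["partition"], deque())
        q.append((ev["ts"], ev["container"]))
        cutoff = ev["ts"] - timedelta(seconds=window_seconds)
        while q and q[0][0] < cutoff:          # slide the window forward
            q.popleft()
        distinct = {name for _, name in q}
        if len(distinct) >= threshold:
            alerts.append((ev["partition"], q[0][0], sorted(distinct)))
            q.clear()                           # re-arm for the next burst
    return alerts


# Constructed sample: part1 loses three different containers in 9 seconds
# (burst); part2 has one container exiting three times (crash loop, no alert).
SAMPLE_LOG = """\
2025-10-15T14:00:00 partition=part1 container=svc-alpha event=exited code=137
2025-10-15T14:00:02 partition=part1 container=svc-alpha event=started
2025-10-15T14:00:05 partition=part1 container=svc-beta event=exited code=137
2025-10-15T14:00:09 partition=part1 container=svc-gamma event=exited code=137
2025-10-15T14:00:10 partition=part1 container=svc-gamma event=started
2025-10-15T14:05:00 partition=part2 container=svc-delta event=exited code=0
2025-10-15T14:05:10 partition=part2 container=svc-delta event=exited code=0
2025-10-15T14:05:20 partition=part2 container=svc-delta event=exited code=0
"""


def triage(device_version: str, allowed_ips_configured: bool, log_text: str):
    """Scope the burst detector to this CVE: report bursts only for an exposed
    device. Run find_termination_bursts() directly for generic crash monitoring."""
    if not is_exposed(device_version, allowed_ips_configured):
        return []
    return find_termination_bursts(log_text.splitlines())


if __name__ == "__main__":
    for partition, start, names in triage("1.8.0", True, SAMPLE_LOG):
        print(f"{partition}: {len(names)} containers exited since {start}: {names}")
```

The distinct-container count is the deliberate design choice: a single service in a restart loop is routine on any container host and would page constantly if raw exit events were counted, whereas three or more different containers exiting inside one minute on the same partition matches what this advisory describes and is rare in normal operation. Tune window_seconds and threshold to the partition's observed baseline before relying on it.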
Affected Countries
United States, Canada, United Kingdom, Germany, France, Japan, Australia, South Korea, India, Netherlands, Singapore
Technical Details
- Data Version: 5.1
- Assigner Short Name: f5
- Date Reserved: 2025-10-03T23:04:21.143Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68efa99427d7577a180040c9
Added to database: 10/15/2025, 2:03:00 PM
Last enriched: 2/27/2026, 5:47:19 AM
Last updated: 3/25/2026, 1:33:57 AM