CVE-2025-36546 – F5OS SSH Key-Based Authentication Privilege Escalation

May 7, 2025

CVE ID : CVE-2025-36546

Published : May 7, 2025, 10:15 p.m. | 1 hour, 21 minutes ago

Description : On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user’s SSH private key.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41414 – F5 BIG-IP HTTP/2 Profile Denial of Service

Next Article CVE-2025-36525 – BIG-IP APM PingAccess Profile Request Termination Vulnerability

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-36546 – F5OS SSH Key-Based Authentication Privilege Escalation

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

CVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

CVE-2025-4254 – PCMan FTP Server Buffer Overflow Vulnerability

Software architecture IS Conway’s Law

CVE-2025-43549 – Substance3D Use After Free Arbitrary Code Execution Vulnerability

Could LLMs help design our next medicines and materials?

CVE-2025-1731 and CVE-2025-1732 impacts Zyxel Firewalls

CVE-2025-5563 – WordPress WP-Addpub SQL Injection Vulnerability

Shift-Left Automation: Enhancing Software Quality with Smart Testing

GitHub for Beginners: Building a React App with GitHub Copilot

CVE-2025-36546 – F5OS SSH Key-Based Authentication Privilege Escalation

Related Posts