Is there a patch available for CVE-2026-41217?

Yes, a patch is available for CVE-2026-41217. Update the affected software to the latest version immediately.

F5 BIG-IP TMOS CVE-2026-41217

Q: What is the CVSS score of CVE-2026-41217?

CVE-2026-41217 has a CVSS 4.0 base score of 8.3 (High). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-29983 HIGH

Incorrect Permission Assignment for Critical Resource (CWE-732)

2026-05-13 f5

GHSA-vg2p-cjx9-xffp

Information Disclosure

8.3

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

May 13, 2026 - 16:22 vuln.today

cvss_changed

Severity Changed

May 13, 2026 - 16:22 NVD

MEDIUM HIGH

CVSS changed

May 13, 2026 - 16:22 NVD

6.0 (MEDIUM) 8.3 (HIGH)

Analysis Generated

May 13, 2026 - 15:58 vuln.today

CVE Published

May 13, 2026 - 14:12 nvd

MEDIUM 6.0

DescriptionNVD

A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacker to cross a security boundary.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

AnalysisAI

F5 BIG-IP TMOS shell (tmsh) allows authenticated administrators and resource administrators to execute arbitrary system commands with elevated privileges via an undisclosed command, potentially crossing security boundaries in Appliance mode deployments. The vulnerability requires high-privilege account access and local command-line interaction but poses significant risk to appliance-mode BIG-IP systems where privilege escalation could compromise the entire platform.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41217 vulnerability details – vuln.today

Back

F5 BIG-IP TMOS CVE-2026-41217

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

F5 BIG-IP TMOS CVE-2026-41217

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code