CVE-2026-40631

HIGH NVD

CVSS Score 8.7

Severity HIGH

Published May 13, 2026

Vendor unknown

Description

An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

References

https://my.f5.com/manage/s/article/K000160979