CVE-2025-53521 was first disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information reveals the bug is much more dangerous.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

CVE-2025-53521, a vulnerability in Fortinet's BIG-IP Access Policy Manager, has been reclassified from a high-severity denial-of-service flaw to a critical remote code execution (RCE) bug with a CVSS score of 9.8. Originally disclosed and patched in October 2025, new information obtained in March 2026 prompted the reclassification. The flaw is now under active exploitation, with CISA adding it to its Known Exploited Vulnerabilities catalog. Affected BIG-IP versions span 15.1.x through 17.5.x, and even systems in appliance mode remain vulnerable. Fortinet has published indicators of compromise, including specific file artifacts and log entries. Separately, a critical SQL injection flaw in FortiClient EMS (CVE-2026-21643) is also being actively exploited, with nearly 1,000 publicly exposed instances identified on Shodan.

Fortinet BIG-IP Vuln Reclassified as RCE, Under Exploitation