Is the 5000s LTM standalone (C109) end of life?

Yes. The F5 Networks 5000s LTM standalone (C109) has reached end of life. Vendor support ended on 2025-04-01.

When is the 5000s LTM standalone (C109) end of sale date?

The F5 Networks 5000s LTM standalone (C109) reached end of sale on 2018-04-01. The last date of vendor support is 2025-04-01.

When does F5 Networks support end for the 5000s LTM standalone (C109)?

F5 Networks support for the 5000s LTM standalone (C109) ended on 2025-04-01.

Home/F5 Networks/BIG-IP Legacy/5000s LTM standalone (C109)

5000s LTM standalone (C109)

SKU 5000s

F5 Networks Chassis · BIG-IP Legacy Series

High confidence Official F5 Networks notice (K4309) ↗ Verified 2026-05-31

5000s LTM standalone (C109) is dead. F5 Networks support ended 2025-04-01 (-429d). Last available for order 2018-04-01.

Is the 5000s LTM standalone (C109) still supported?

No. F5 Networks ended support for the 5000s LTM standalone (C109) on 2025-04-01. No further security fixes will be issued. See F5 Networks's lifecycle bulletin.

When does the 5000s LTM standalone (C109) reach end of support?

F5 Networks support for the 5000s LTM standalone (C109) ends on 2025-04-01.

What replaces the 5000s LTM standalone (C109)?

F5 Networks has not published a successor model for the 5000s LTM standalone (C109).

What known-exploited CVEs apply to the 5000s LTM standalone (C109) past end of support?

5 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform the 5000s LTM standalone (C109) runs. These will not be patched on this device because it is past the F5 Networks security-support date. See the Known Exploited Vulnerabilities table below for the full list.

Known Exploited Vulnerabilities

This device is past F5 Networks's security-support date. 5 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. F5 Networks is not issuing patches for this model. Isolate, compensate, or refresh.

CVE	KEV added	Vulnerability	Flags
`CVE-2025-53521`	2026-03-27	F5 BIG-IP Stack-Based Buffer Overflow Vulnerability Advisory 1 Advisory 2 Advisory 3
`CVE-2023-46748`	2023-10-31	F5 BIG-IP Configuration Utility SQL Injection Vulnerability Advisory 1 Advisory 2
`CVE-2023-46747`	2023-10-31	F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability Advisory 1 Advisory 2	Ransomware
`CVE-2022-1388`	2022-05-10	F5 BIG-IP Missing Authentication Vulnerability Advisory 1	Ransomware
`CVE-2020-5902`	2021-11-03	F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability Advisory 1	Ransomware

Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.

Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.

End of Sale 2018-04-01

End of Support 2025-04-01