Out-of-bounds Read Vulnerability in Juniper Networks Junos OS and Junos OS Evolved
CVE-2025-21598

7.5 HIGH

Key Information:

Vendor
CVE Published: 9 January 2025

Summary

An out-of-bounds read vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated, network-based attacker can send malformed BGP packets that crash rpd. Exploitation requires an established BGP session, and the issue affects both iBGP and eBGP, over IPv4 and IPv6. It can propagate across multiple Autonomous Systems (ASes), impacting devices that run an affected software version. Indicators of compromise may be identified by examining logs for messages about malformed packets received from neighboring ASes.

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published