Use After Free Vulnerability in Juniper Networks Junos OS and Junos OS Evolved
CVE-2025-52946

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 11 July 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-52946?

A Use After Free vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. By sending a specifically malformed AS PATH in a BGP update, an attacker can trigger a crash of the rpd process, leading to Denial of Service (DoS). This condition persists as long as the malformed AS PATH is continuously received. The issue specifically affects systems where BGP traceoptions are enabled and a BGP session has been established. Systems without BGP traceoptions enabled remain unaffected. Updated patches are available to mitigate this issue, improving upon previous fixes.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS 0 < 21.2R3-S9

Junos OS 21.4

Junos OS 22.2 < 22.2R3-S6

References

https://supportportal.juniper.net/JSA100050

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Jul 11, 2025
Vulnerability published
Jul 11, 2025
Vulnerability Reserved
Jun 23, 2025

JSON

Juniper Networks

Badges

What is CVE-2025-52946?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.