Reachable Assertion Vulnerability in Junos OS and Junos OS Evolved by Juniper Networks
CVE-2025-52958

6MEDIUM

Key Information:

Vendor

Juniper Networks
Status
Junos Os
Junos Os Evolved
Vendor
CVE Published:
11 July 2025

Badges

👾 Exploit Exists

What is CVE-2025-52958?

A reachable assertion flaw exists in the routing protocol daemon (rpd) within Junos OS and Junos OS Evolved, allowing an adjacent unauthenticated attacker to trigger a Denial of Service condition. This vulnerability is particularly problematic during the establishment of BGP sessions when route validation is enabled. Under certain rare circumstances, failed connection requests can provoke the rpd to crash and restart, leading to continuous session establishment failures and resulting in a sustained denial of service.

Affected Version(s)

Junos OS 0 < 22.2R3-S6

Junos OS 22.4 < 22.4R3-S6

Junos OS 23.2 < 23.2R2-S3

References

https://supportportal.juniper.net/JSA100066
vendor-advisory

CVSS V4

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-52958 : Reachable Assertion Vulnerability in Junos OS and Junos OS Evolved by Juniper Networks