Memory Leak Vulnerability in Junos OS and Junos OS Evolved by Juniper Networks
CVE-2025-52986

6.8 MEDIUM

Key Information:

Vendor
CVE Published: 11 July 2025

Badges

👾 Exploit Exists

What is CVE-2025-52986?

A vulnerability in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved can be exploited by a local user with low privileges. When RIB sharding is enabled, executing routing-related commands can lead to a memory leak in rpd. The leak can be monitored using specific CLI commands, and repeated exploitation can exhaust available memory, causing rpd to crash and restart. Multiple releases of Junos OS and Junos OS Evolved are affected and need prompt attention to maintain device stability.

Affected Version(s)

Junos OS 0 < 21.2R3-S9

Junos OS 21.4 < 21.4R3-S11

Junos OS 22.2 < 22.2R3-S7

CVSS V4

Score: 6.8
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
