Improper Check Vulnerability in Junos OS Evolved Affecting Juniper Networks PTX Series
CVE-2025-59958

6.9MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Os Evolved
Vendor: CVE Published:; 9 October 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-59958?

An improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) of Junos OS Evolved on Juniper Networks PTX Series allows unauthorized network attackers to impact both the confidentiality and availability of affected systems. Specifically, when output firewall filters are configured with a 'reject' action, packets that match these filters are incorrectly forwarded to the Routing Engine (RE), leading to undue resource consumption. Additionally, responses from the RE to the traffic source may unintentionally reveal sensitive information about the device. This vulnerability applies strictly to firewall filters on WAN or revenue interfaces, excluding the management and loopback interfaces.

Affected Version(s)

Junos OS Evolved PTX Series 0 < 22.4R3-EVO

Junos OS Evolved PTX Series 23.2 < 23.2R2-EVO

References

https://supportportal.juniper.net/JSA103147

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 9, 2025
Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 23, 2025

JSON