Improper Check Vulnerability in Junos OS Evolved Affecting Juniper Networks PTX Series
CVE-2025-59958

6.9MEDIUM

Key Information:

Vendor
CVE Published:
9 October 2025

Badges

👾 Exploit Exists

What is CVE-2025-59958?

An improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) of Junos OS Evolved on Juniper Networks PTX Series allows unauthorized network attackers to impact both the confidentiality and availability of affected systems. Specifically, when output firewall filters are configured with a 'reject' action, packets that match these filters are incorrectly forwarded to the Routing Engine (RE), leading to undue resource consumption. Additionally, responses from the RE to the traffic source may unintentionally reveal sensitive information about the device. This vulnerability applies strictly to firewall filters on WAN or revenue interfaces, excluding the management and loopback interfaces.

Affected Version(s)

Junos OS Evolved PTX Series 0 < 22.4R3-EVO

Junos OS Evolved PTX Series 23.2 < 23.2R2-EVO

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-59958 : Improper Check Vulnerability in Junos OS Evolved Affecting Juniper Networks PTX Series