Improper Check Vulnerability in Junos OS Evolved Affecting Juniper Networks PTX Series
CVE-2025-59958
Key Information:
- Vendor
Juniper Networks
- Status
- Vendor
- CVE Published:
- 9 October 2025
Badges
What is CVE-2025-59958?
An improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) of Junos OS Evolved on Juniper Networks PTX Series allows unauthorized network attackers to impact both the confidentiality and availability of affected systems. Specifically, when output firewall filters are configured with a 'reject' action, packets that match these filters are incorrectly forwarded to the Routing Engine (RE), leading to undue resource consumption. Additionally, responses from the RE to the traffic source may unintentionally reveal sensitive information about the device. This vulnerability applies strictly to firewall filters on WAN or revenue interfaces, excluding the management and loopback interfaces.
Affected Version(s)
Junos OS Evolved PTX Series 0 < 22.4R3-EVO
Junos OS Evolved PTX Series 23.2 < 23.2R2-EVO