Access of Uninitialized Pointer Vulnerability in Juniper Networks Junos OS
CVE-2025-59962
6 MEDIUM
Key Information:
- Vendor: Juniper Networks
- Status
- Vendor
- CVE Published: 9 October 2025
Badges
👾 Exploit Exists
What is CVE-2025-59962?
An access of uninitialized pointer vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It can be exploited when BGP sharding is enabled: an attacker who causes repeated route resolution may crash and restart rpd, leading to a Denial of Service (DoS). Continuous IGP route churn increases the likelihood of an rpd crash and can result in prolonged service disruption.
Affected Version(s)
Junos OS 21.4 < 21.4R3-S6
Junos OS 22.1 < 22.1R3-S6
Junos OS 22.2 < 22.2R3-S3
CVSS V4
Score: 6
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None
Timeline
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved