Access of Uninitialized Pointer Vulnerability in Juniper Networks Junos OS
CVE-2025-59962

6 MEDIUM

Key Information:

Vendor
CVE Published: 9 October 2025

Badges

👾 Exploit Exists

What is CVE-2025-59962?

An access of uninitialized pointer vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved. This can be exploited when BGP sharding is enabled, allowing an attacker to cause repeated route resolution that may crash and restart the rpd, leading to a Denial of Service (DoS). Continuous IGP route churn can increase the likelihood of the rpd crashing, potentially resulting in prolonged service disruption.

Affected Version(s)

Junos OS 21.4 < 21.4R3-S6

Junos OS 22.1 < 22.1R3-S6

Junos OS 22.2 < 22.2R3-S3

CVSS V4

Score: 6
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
