Buffer Over-read Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon
CVE-2025-60003

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 15 January 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-60003?

A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved can be exploited by unauthenticated, network-based attackers to trigger a Denial-of-Service (DoS). An attack occurs when an affected device receives a BGP update containing specific optional transitive attributes over an established peering session, causing rpd to crash and subsequently restart while trying to advertise the received data to another peer. This vulnerability is especially critical when dealing with peers that are non-4-byte-AS capable.

Affected Version(s)

Junos OS 0 < 22.4R3-S8

Junos OS 23.2 < 23.2R2-S5

Junos OS 23.4 < 23.4R2-S6

References

https://supportportal.juniper.net/

vendor-advisory

https://kb.juniper.net/JSA103166

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jan 15, 2026
Vulnerability published
Jan 15, 2026
Vulnerability Reserved
Sep 23, 2025

Credit

Juniper SIRT would like to acknowledge and thank Craig Dods from Meta’s Infrastructure Security Engineering team for responsibly reporting this vulnerability.

CVE-2025-60003 Data

JSON