Denial-of-Service Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon
CVE-2025-60004

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 9 October 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-60004?

An improper check for unusual or exceptional conditions in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a Denial-of-Service (DoS). This vulnerability is activated when an affected system receives a specific BGP EVPN update message over an established BGP session, resulting in a crash and subsequent restart of the rpd. Importantly, the flaw does not require a BGP EVPN configuration to exist, meaning that systems may still be vulnerable even without peers designated to send BGP EVPN updates.

Affected Version(s)

Junos OS 23.4R2-S3 < 23.4R2-S5

Junos OS 24.2R2 < 24.2R2-S1

Junos OS 24.4R1 < 24.4R1-S3, 24.4R2

References

https://supportportal.juniper.net/JSA103165

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 9, 2025
Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 23, 2025

JSON