Denial-of-Service Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon
CVE-2025-60004
8.7HIGH
Key Information:
- Vendor
Juniper Networks
- Status
- Vendor
- CVE Published:
- 9 October 2025
Badges
👾 Exploit Exists
What is CVE-2025-60004?
An improper check for unusual or exceptional conditions in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a Denial-of-Service (DoS). This vulnerability is activated when an affected system receives a specific BGP EVPN update message over an established BGP session, resulting in a crash and subsequent restart of the rpd. Importantly, the flaw does not require a BGP EVPN configuration to exist, meaning that systems may still be vulnerable even without peers designated to send BGP EVPN updates.
Affected Version(s)
Junos OS 23.4R2-S3 < 23.4R2-S5
Junos OS 24.2R2 < 24.2R2-S1
Junos OS 24.4R1 < 24.4R1-S3, 24.4R2