Denial-of-Service Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon
CVE-2025-60004

8.7HIGH

Key Information:

Vendor
CVE Published:
9 October 2025

Badges

👾 Exploit Exists

What is CVE-2025-60004?

An improper check for unusual or exceptional conditions in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a Denial-of-Service (DoS). This vulnerability is activated when an affected system receives a specific BGP EVPN update message over an established BGP session, resulting in a crash and subsequent restart of the rpd. Importantly, the flaw does not require a BGP EVPN configuration to exist, meaning that systems may still be vulnerable even without peers designated to send BGP EVPN updates.

Affected Version(s)

Junos OS 23.4R2-S3 < 23.4R2-S5

Junos OS 24.2R2 < 24.2R2-S1

Junos OS 24.4R1 < 24.4R1-S3, 24.4R2

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-60004 : Denial-of-Service Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon