Juniper Networks Vulnerability Let Remote Attacker Execute Network Attacks

Juniper Networks has disclosed a significant vulnerability affecting its Junos OS and Junos OS Evolved platforms.

Identified as CVE-2025-21598, this flaw allows unauthenticated remote attackers to exploit a critical out-of-bounds read vulnerability in the routing protocol daemon (rpd).

The vulnerability is triggered when devices are configured with Border Gateway Protocol (BGP) options enabled, leading to potential crashes and broader network disruptions.

Overview of the Vulnerability

The affected versions of Junos OS include 21.2R3-S8, 21.4R3-S7, 22.2R3-S4, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and 24.2R1, as well as the corresponding versions of Junos OS Evolved.

The vulnerability has been assigned a high severity score of 7.5 under the CVSS v3.1—indicating a critical risk that could lead to serious ramifications for network integrity.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

The core issue arises from the ability ...