Juniper Networks disclosed CVE-2025-21598, a critical vulnerability in Junos OS and Junos OS Evolved that lets a remote attacker trigger an out-of-bounds read in the routing protocol daemon (rpd). The resulting rpd crash disrupts routing on devices that have BGP enabled.
The affected Junos OS versions include 21.2R3-S8, 21.4R3-S7, 22.2R3-S4, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and 24.2R1, along with the corresponding Junos OS Evolved versions. The vulnerability carries a CVSS v3.1 base score of 7.5, which the vendor assessment characterizes as a critical risk to network integrity.
To exploit the flaw, an attacker sends a malformed BGP UPDATE to a device on which specific BGP packet trace options are enabled; the malformed packet triggers the out-of-bounds read and crashes rpd, tearing down the device's BGP sessions. Because BGP updates propagate between routers, the disruption can spread across Autonomous Systems (ASes). Both iBGP and eBGP sessions are affected, putting IPv4 and IPv6 routing stability at risk.
Juniper advises network administrators to watch for signs of exploitation, in particular malformed UPDATE messages arriving from neighboring ASes. The relevant rpd log messages report malformed updates and malformed path attributes.
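As an added example, not code from the article or from Juniper, the following Python scans syslog output for the kind of rpd messages the advisory points to: it counts malformed-update reports per BGP peer, notes the peer AS when the message carries one, and flags a later rpd crash so the two can be correlated. The sample log lines are constructed for illustration and do not reproduce Juniper's actual message text; the regular expressions and the alert threshold are assumptions to adapt to real rpd output.

```python
import re
from collections import Counter

# Constructed syslog lines for illustration only. They follow the general shape of
# Junos syslog (timestamp host process[pid]: message), but the message text is
# invented and does NOT reproduce Juniper's real log strings.
SAMPLE_LOG = """\
Jan 10 09:14:02 edge1 rpd[1234]: BGP peer 192.0.2.10 (AS 64496): malformed update received, attribute flags invalid
Jan 10 09:14:02 edge1 rpd[1234]: BGP peer 192.0.2.10 (AS 64496): malformed attribute length in UPDATE
Jan 10 09:14:05 edge1 rpd[1234]: BGP peer 2001:db8::1 (AS 64497): session established
Jan 10 09:14:09 edge1 rpd[1234]: BGP peer 192.0.2.10 (AS 64496): malformed update received, attribute flags invalid
Jan 10 09:14:11 edge1 sshd[77]: Accepted publickey for admin from 198.51.100.5
Jan 10 09:14:12 edge1 init: rpd (PID 1234) terminated by signal number 11. Core dumped!
"""

# Generic syslog line: timestamp, host, process with optional [pid], message.
_SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<proc>[\w-]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
# The advisory says to look for reports of malformed updates and attributes.
_MALFORMED_RE = re.compile(r"malformed (update|attribute)", re.IGNORECASE)
# Peer address (IPv4 or IPv6) with an optional AS number; assumed layout.
_PEER_RE = re.compile(r"peer (?P<peer>[0-9a-fA-F:.]+)(?: \(AS (?P<asn>\d+)\))?")
# An rpd crash reported by the process supervisor (assumed wording).
_CRASH_RE = re.compile(r"\brpd\b.*(terminated by signal|core dumped)", re.IGNORECASE)


def scan_bgp_log(text, threshold=2):
    """Scan syslog text for malformed-BGP-update reports and rpd crashes.

    Returns a dict with every malformed-update finding, a per-peer count,
    whether an rpd crash was seen, and the peers at or above `threshold`.
    """
    findings = []
    per_peer = Counter()
    rpd_crash = False
    for line in text.splitlines():
        m = _SYSLOG_RE.match(line)
        if not m:
            continue  # not a syslog line we understand; skip it
        msg = m["msg"]
        if m["proc"] == "rpd" and _MALFORMED_RE.search(msg):
            p = _PEER_RE.search(msg)
            peer = p["peer"] if p else "unknown"
            asn = p["asn"] if p and p["asn"] else None
            per_peer[peer] += 1
            findings.append({"ts": m["ts"], "peer": peer, "asn": asn, "msg": msg})
        elif _CRASH_RE.search(f"{m['proc']}: {msg}"):
            rpd_crash = True
    alert_peers = [peer for peer, n in per_peer.items() if n >= threshold]
    return {
        "findings": findings,
        "per_peer": dict(per_peer),
        "rpd_crash": rpd_crash,
        "alert_peers": alert_peers,
    }


if __name__ == "__main__":
    result = scan_bgp_log(SAMPLE_LOG)
    for f in result["findings"]:
        print(f"{f['ts']} peer={f['peer']} as={f['asn']} :: {f['msg']}")
    print("peers over threshold:", result["alert_peers"])
    print("rpd crash observed:", result["rpd_crash"])
```

A repeated malformed-update report from one peer followed by an rpd crash is the pattern worth paging on; a single report from a peer that never crashes rpd is more likely a benign interoperability problem and can be triaged at lower priority.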
Juniper Networks has released software updates to fix the vulnerability. Users should upgrade to the following patched versions:
- Junos OS: 21.2R3-S9, 21.4R3-S9, 22.2R3-S5, 22.3R3-S4, 22.4R3-S5, 23.2R2-S2, 23.4R2-S1, 24.2R1-S1, 24.2R2, and later versions.
- Junos OS Evolved: 21.4R3-S9-EVO, 22.2R3-S5-EVO, 22.3R3-S4-EVO, 22.4R3-S5-EVO, 23.2R2-S2-EVO, 23.4R2-S1-EVO, 24.2R1-S2-EVO, 24.2R2-EVO, and later versions.
Until the update can be applied, Juniper recommends disabling BGP packet tracing (the trace options that expose the flaw) as a temporary workaround.
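The patched-version list and the workaround together decide whether a given device is exposed. As an added example that is not from the article or from Juniper, the following Python parses a Junos version string, compares it against the first fixed release in its train as listed above, and checks set-format configuration for BGP trace options. The version tables are transcribed from the list above; trains the article does not mention are reported as unknown rather than guessed. The sample configuration is constructed, and the Junos version-string layout (`major.minorRn[-Sm][.build][-EVO]`) and the `traceoptions` hierarchy are assumptions about the platform, not facts taken from the page.

```python
import re

# First fixed release per train, transcribed from the list above.
# Keys are (major, minor) trains; values are (R, S) of the first fixed release.
JUNOS_FIXED = {
    (21, 2): (3, 9), (21, 4): (3, 9), (22, 2): (3, 5), (22, 3): (3, 4),
    (22, 4): (3, 5), (23, 2): (2, 2), (23, 4): (2, 1), (24, 2): (1, 1),
}
JUNOS_EVO_FIXED = {
    (21, 4): (3, 9), (22, 2): (3, 5), (22, 3): (3, 4), (22, 4): (3, 5),
    (23, 2): (2, 2), (23, 4): (2, 1), (24, 2): (1, 2),
}

# Assumed Junos version layout, e.g. 22.4R3-S5.6 or 21.4R3-S9.7-EVO.
_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)R(?P<r>\d+)"
    r"(?:-S(?P<s>\d+))?(?:\.(?P<build>\d+))?(?P<evo>-EVO)?$"
)
# Any set-format line under protocols bgp that configures traceoptions,
# at the protocol, group or neighbor level (assumed hierarchy).
_TRACE_RE = re.compile(r"^set protocols bgp(?: .*)? traceoptions(?: |$)")

# Constructed set-format configuration for the demonstration.
SAMPLE_CONFIG = """\
set protocols bgp group ebgp-transit type external
set protocols bgp group ebgp-transit neighbor 192.0.2.1 peer-as 64496
set protocols bgp traceoptions file bgp-trace
set protocols bgp traceoptions flag update detail
"""


def parse_version(text):
    """Return ((major, minor), (R, S), is_evolved) for a Junos version string.

    A release without a -S service number is treated as S0 so that it sorts
    before every service release of the same R. Raises ValueError otherwise.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a Junos version string: {text!r}")
    train = (int(m["major"]), int(m["minor"]))
    release = (int(m["r"]), int(m["s"] or 0))
    return train, release, m["evo"] is not None


def patch_status(text):
    """'fixed', 'vulnerable' or 'unknown' (train not covered by the list above)."""
    train, release, evo = parse_version(text)
    fixed = (JUNOS_EVO_FIXED if evo else JUNOS_FIXED).get(train)
    if fixed is None:
        return "unknown"
    return "fixed" if release >= fixed else "vulnerable"


def bgp_tracing_enabled(config_set_text):
    """True when BGP trace options are configured anywhere under protocols bgp."""
    return any(_TRACE_RE.match(line.strip()) for line in config_set_text.splitlines())


def exposure(version, config_set_text):
    """Combine both checks: the crash needs a vulnerable release AND tracing enabled."""
    status = patch_status(version)
    if status == "fixed":
        return "fixed"
    if status == "unknown":
        return "unknown: release train not covered by the list above"
    if bgp_tracing_enabled(config_set_text):
        return "exposed: upgrade, or disable BGP traceoptions as the interim workaround"
    return "vulnerable release, tracing off: schedule the upgrade"


if __name__ == "__main__":
    for v in ("22.4R3-S3", "22.4R3-S5.6", "24.2R1-S1-EVO", "21.3R1"):
        print(f"{v:16} -> {exposure(v, SAMPLE_CONFIG)}")
```

Feed the checker the `show version` string and the output of `show configuration protocols bgp | display set` from each router in an inventory; a device is only in the "exposed" bucket when both conditions hold, which is what the advisory's workaround relies on.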
This vulnerability highlights the need for organizations to regularly patch their network equipment and stay alert to potential threats. Juniper Networks’ quick response emphasizes the importance of proactive cybersecurity.