Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-21590

Summary
Assigner-juniper
Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968
Published At-12 Mar, 2025 | 13:59
Updated At-26 Feb, 2026 | 19:09
Rejected At-
Credits

Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Known Exploited Vulnerabilities (KEV)
cisa.gov
Vendor:
Juniper Networks, Inc.Juniper
Product:Junos OS
Added At:13 Mar, 2025
Due At:03 Apr, 2025

Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.

Used in Ransomware

:

Unknown

CWE

:
CWE-653

Required Action:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes:

https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2025-21590
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:juniper
Assigner Org ID:8cbe9d5a-a066-4c94-8978-4b15efeae968
Published At:12 Mar, 2025 | 13:59
Updated At:26 Feb, 2026 | 19:09
Rejected At:
▼CVE Numbering Authority (CNA)
Junos OS: An local attacker with shell access can execute arbitrary code

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10,  * 22.2 versions before 22.2R3-S6,  * 22.4 versions before 22.4R3-S6,  * 23.2 versions before 23.2R2-S3,  * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.

Affected Products
Vendor
Juniper Networks, Inc.Juniper Networks
Product
Junos OS
Default Status
unaffected
Versions
Affected
  • From 0 before 21.2R3-S9 (semver)
  • From 21.4 before 21.4R3-S10 (semver)
  • From 22.2 before 22.2R3-S6 (semver)
  • From 22.4 before 22.4R3-S6 (semver)
  • From 23.2 before 23.2R2-S3 (semver)
  • From 23.4 before 23.4R2-S4 (semver)
  • From 24.2 before 24.2R1-S2, 24.2R2 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-653CWE-653 Improper Isolation or Compartmentalization
Type: CWE
CWE ID: CWE-653
Description: CWE-653 Improper Isolation or Compartmentalization
Metrics
VersionBase scoreBase severityVector
3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.06.7MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Version: 4.0
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.   Please note that this issue is not fixed for all platforms in the releases specified in the solution section. For the following products the fix is only available in these releases: SRX300 Series   21.2R3-S9, 23.4R2-S5*, 24.4R1 SRX550HM    22.2R3-S7* EX4300 Series     21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution) EX4600               21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution) ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX500              21.2R3-S9 MX104               21.2R3-S9 * Future Release

Configurations
Workarounds

It is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only.

Exploits

At least one instance of malicious exploitation has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it's available and in the meantime take steps to mitigate this vulnerability.

Credits
reporter
Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this issue. Note: Amazon found the issue during internal security research and not due to exploitation.
Timeline
EventDate
Initial Publication2025-03-12 14:00:00
Corrected hotlinks for CVSS assessments2025-03-12 15:16:00
Rephrased sentences on Amazon involvement to reduce the chance for confusion2025-03-14 14:00:00
Updated solution section to clarify which platforms are not fixed in all but only in specific releases2025-04-09 08:17:00
For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.20, which was made available last week, does not address the issue completely. We'll publish an updated version with the complete fix and update this advisory as soon as possible.2025-04-14 07:15:00
For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.21 has been publish with the complete fix.2025-05-06 08:00:00
Event: Initial Publication
Date: 2025-03-12 14:00:00
Event: Corrected hotlinks for CVSS assessments
Date: 2025-03-12 15:16:00
Event: Rephrased sentences on Amazon involvement to reduce the chance for confusion
Date: 2025-03-14 14:00:00
Event: Updated solution section to clarify which platforms are not fixed in all but only in specific releases
Date: 2025-04-09 08:17:00
Event: For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.20, which was made available last week, does not address the issue completely. We'll publish an updated version with the complete fix and update this advisory as soon as possible.
Date: 2025-04-14 07:15:00
Event: For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.21 has been publish with the complete fix.
Date: 2025-05-06 08:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://supportportal.juniper.net/JSA93446
vendor-advisory
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
third-party-advisory
Hyperlink: https://supportportal.juniper.net/JSA93446
Resource:
vendor-advisory
Hyperlink: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
kev
dateAdded:
2025-03-13
reference:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
CVE-2025-21590 added to CISA KEV2025-03-13 00:00:00
Event: CVE-2025-21590 added to CISA KEV
Date: 2025-03-13 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590
government-resource
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590
Resource:
government-resource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:sirt@juniper.net
Published At:12 Mar, 2025 | 14:15
Updated At:24 Oct, 2025 | 16:44

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10,  * 22.2 versions before 22.2R3-S6,  * 22.4 versions before 22.4R3-S6,  * 23.2 versions before 23.2R2-S3,  * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2025-03-132025-04-03Juniper Junos OS Improper Isolation or Compartmentalization VulnerabilityApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2025-03-13
Due Date: 2025-04-03
Vulnerability Name: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.7MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Type: Secondary
Version: 4.0
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
CPE Matches
Juniper Networks, Inc.
juniper
>>junos>>Versions up to 21.2(inclusive)
cpe:2.3:o:juniper:junos:*:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.2
cpe:2.3:o:juniper:junos:21.2:r3-s8:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>21.4
cpe:2.3:o:juniper:junos:21.4:r3-s9:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.2
cpe:2.3:o:juniper:junos:22.2:r3-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.4
cpe:2.3:o:juniper:junos:22.4:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.4
cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>22.4
cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-653Secondarysirt@juniper.net
CWE ID: CWE-653
Type: Secondary
Source: sirt@juniper.net
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routerssirt@juniper.net
Third Party Advisory
https://supportportal.juniper.net/JSA93446sirt@juniper.net
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Hyperlink: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
Source: sirt@juniper.net
Resource:
Third Party Advisory
Hyperlink: https://supportportal.juniper.net/JSA93446
Source: sirt@juniper.net
Resource:
Vendor Advisory
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

1Records found
CVE-2024-30388
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-7.1||HIGH
EPSS-0.08% / 23.13%
||
7 Day CHG~0.00%
Published-12 Apr, 2024 | 15:09
Updated-23 Jan, 2026 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-ex4100-hqfx5700qfx5120ex4100-fqfx5230-64cdqfx5200junosex4100qfx5241ex4650qfx5220qfx5130qfx5240qfx5110qfx5210ex4400Junos OS
CWE ID-CWE-653
Improper Isolation or Compartmentalization
Details not found