CVE-2025-21598

Published Jan 9, 2025

Last updated a month ago

Overview

Description
An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd.

This issue affects:

Junos OS:
  * from 21.2R3-S8 before 21.2R3-S9,
  * from 21.4R3-S7 before 21.4R3-S9,
  * from 22.2R3-S4 before 22.2R3-S5,
  * from 22.3R3-S2 before 22.3R3-S4,
  * from 22.4R3 before 22.4R3-S5,
  * from 23.2R2 before 23.2R2-S2,
  * from 23.4R1 before 23.4R2-S1,
  * from 24.2R1 before 24.2R1-S1, 24.2R2.

Junos OS Evolved:
  * from 21.4R3-S7-EVO before 21.4R3-S9-EVO,
  * from 22.2R3-S4-EVO before 22.2R3-S5-EVO,
  * from 22.3R3-S2-EVO before 22.3R3-S4-EVO,
  * from 22.4R3-EVO before 22.4R3-S5-EVO,
  * from 23.2R2-EVO before 23.2R2-S2-EVO,
  * from 23.4R1-EVO before 23.4R2-S1-EVO,
  * from 24.2R1-EVO before 24.2R1-S2-EVO, 24.2R2-EVO.

This issue requires a BGP session to be established. This issue can propagate and multiply through multiple ASes until reaching vulnerable devices. This issue affects iBGP and eBGP. This issue affects IPv4 and IPv6.

An indicator of compromise may be the presence of malformed update messages in a neighboring AS which is unaffected by this issue: For example, by issuing the command on the neighboring device:

  show log messages

Reviewing for similar messages from devices within proximity to each other may indicate this malformed packet is propagating:

  rpd[<pid>]: Received malformed update from <IP address> (External AS <AS#>)

and

  rpd[<pid>]: Malformed Attribute
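The log review described above can be run over messages collected from several neighboring devices. The following is an added example, not part of the advisory or any Juniper tooling; the syslog prefix layout (timestamp, hostname), the "Internal" variant of the message, the two-host threshold and all sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed syslog prefix: "Mon DD HH:MM:SS <host> rpd[<pid>]: <message>"
PREFIX = r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) rpd\[\d+\]: "
# Message text from the advisory; "Internal" is an assumption for iBGP peers.
UPDATE_RE = re.compile(
    PREFIX + r"Received malformed update from (?P<peer>[0-9A-Fa-f:.]+) "
    r"\((?:External|Internal) AS (?P<asn>\d+)\)"
)
ATTR_RE = re.compile(PREFIX + r"Malformed Attribute")

# Constructed sample: logs merged from three devices (documentation addresses).
SAMPLE_LOG = """\
Jan 10 03:14:07 edge-a rpd[2311]: Received malformed update from 192.0.2.1 (External AS 64500)
Jan 10 03:14:07 edge-a rpd[2311]: Malformed Attribute
Jan 10 03:14:09 edge-b rpd[1870]: Received malformed update from 2001:db8::7 (External AS 64500)
Jan 10 03:14:09 edge-b rpd[1870]: Malformed Attribute
Jan 10 03:15:30 core-c rpd[4102]: unrelated constructed message
"""

def find_malformed_updates(log_text):
    """Return one event per 'Received malformed update' line."""
    events, attr_hosts = [], set()
    for line in log_text.splitlines():
        m = UPDATE_RE.match(line)
        if m:
            events.append({"host": m["host"], "peer": m["peer"],
                           "asn": int(m["asn"])})
            continue
        m = ATTR_RE.match(line)
        if m:
            attr_hosts.add(m["host"])
    for e in events:
        # True when the same device also logged "Malformed Attribute".
        e["malformed_attribute"] = e["host"] in attr_hosts
    return events

def reporting_hosts(events):
    """Map each reporting device to the sorted (peer, AS) pairs it logged."""
    seen = defaultdict(set)
    for e in events:
        seen[e["host"]].add((e["peer"], e["asn"]))
    return {host: sorted(peers) for host, peers in seen.items()}

def propagation_suspected(events, min_hosts=2):
    """Flag when several devices report malformed updates (assumed threshold)."""
    return len(reporting_hosts(events)) >= min_hosts
```
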
Source
sirt@juniper.net
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.2
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Amber
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

sirt@juniper.net
CWE-125

Social media

Hype score
Not currently trending
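  1. Juniper Junos OS vulnerabilities CVE-2025-21598/21599 fixed: exploitable without authentication https://t.co/ASVWNYFk6E The Juniper Junos OS vulnerabilities have been fixed. These are vulnerabilities that could allow a remote, unauthenticated threat actor to carry out attacks. Teams using the product should take note. #BGP #CVE202521598 #CVE202521599… https://t.co/A82m1p6rxq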

    @iototsecnews

    21 Jan 2025

    116 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ⚠️⚠️ CVE-2025-21598 & CVE-2025-21599 Unauthenticated Attackers Can Exploit Junos Vulnerabilities 🎯5.9k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/EKURLi3JmC FOFA Query:app="JUNIPer-JUNOS" 🔖Refer: https://t.co/q6GarNOQZA #OSI

    @fofabot

    14 Jan 2025

    1930 Impressions

    12 Retweets

    29 Likes

    10 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨Alert🚨 CVE-2025-21598 & CVE-2025-21599: Unauthenticated Attackers Can Exploit Junos Vulnerabilities 📊 4.1K+ Services are found on https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/pbKIT4UimN 👇Query HUNTER :/product.name="Juniper JUNOS" FOFA : product="JUNIPer-JU

    @HunterMapping

    14 Jan 2025

    1665 Impressions

    8 Retweets

    22 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-21598: Out-of-bounds Read in Juniper Junos OS, 8.2 rating❗️ Out-of-bounds read vuln in the RDP daemon, fixed last week, could potentially lead to DoS. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/GSWUJw5m3l #cybersecurity #vulnerability_map #juniper https:/

    @Netlas_io

    14 Jan 2025

    700 Impressions

    3 Retweets

    12 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  5. Two critical vulnerabilities in Juniper Networks' "Junos OS" and "Junos OS Evolved" can be exploited by unauthenticated attackers, and Juniper Networks strongly recommends applying the patches immediately. CVE-2025-21598 https://t.co/sCTxymawNh CVE-2025-21599 https://t.co/ZFyRGhMzXR

    @t_nihonmatsu

    14 Jan 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Unauthenticated Attackers Can Exploit Junos Vulnerabilities (CVE-2025-21598 & CVE-2025-21599) https://t.co/4nbS66dVjM

    @Dinosn

    14 Jan 2025

    2482 Impressions

    8 Retweets

    23 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

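  7. Juniper has fixed multiple serious vulnerabilities in Junos OS. CVE-2025-21598 is a DoS via crafted BGP packets. CVE-2059-21599 is an unauthenticated DoS in the JTD of Junos OS Evolved. OpenSSH vulnerabilities, including the regreSSHion vulnerability (CE-2024-6387), were also fixed. https://t.co/PtXngjyYCY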

    @__kokumoto

    13 Jan 2025

    1194 Impressions

    4 Retweets

    8 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  8. Critical Vulnerability in Juniper Networks: CVE-2025-21598 https://t.co/7Dv6dDlo0D

    @cyberwebeyeos

    13 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. A vulnerability with the identifier CVE-2025-21598 has recently been published for Juniper's operating systems, namely Junos OS and Junos OS Evolved. The score of this vulnerability is 7.5, and it is exploited on Junos operating systems that support BGP. https://t.co/Poz3aKY03t https://t.co/3Pb7XuT6FS

    @AmirHossein_sec

    12 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Vulnerability discovered for Juniper operating systems. A vulnerability with the identifier CVE-2025-21598 has recently been published for Juniper's operating systems, namely Junos OS and Junos OS Evolved. The score of this vulnerability is 7.5, and it is exploited on Junos operating systems that support BGP.

    @cybernetic_cy

    11 Jan 2025

    94 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Threat Alert: Juniper Networks Vulnerability Let Remote Attacker Execute Network Attacks CVE-2025-21598 Severity: ⚠️ Critical Maturity: 🧨 Trending Learn more: https://t.co/F1JslGS4Eu #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    11 Jan 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 Security Alert: A critical vulnerability in Juniper Networks' Junos OS could allow remote attackers to disrupt networks. CVE-2025-21598 targets BGP configurations, posing a significant risk to IPv4 and IPv6 networks. Read more https://t.co/sqqo6LGdbM 🔒 #CyberSecurity #CVE25

    @Hosainfosec

    10 Jan 2025

    29 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. CVE-2025-21598 An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacke… https://t.co/N4MCZwHUiP

    @CVEnew

    9 Jan 2025

    331 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes