vulnerability
Juniper Junos OS: 2025-07 Security Bulletin: Junos OS and Junos OS Evolved: When route validation is enabled, route validation cache connection establishment leads to an rpd crash (JSA100066) (CVE-2025-52958)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:A/AC:M/Au:N/C:N/I:N/A:C) | Jul 9, 2025 | Sep 18, 2025 | Sep 18, 2025 |
Description
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.
Continued session establishment failures leads to a sustained DoS condition.
This issue affects Junos OS:
* All versions before 22.2R3-S6,
* from 22.4 before 22.4R3-S6,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2;
Junos OS Evolved:
* All versions before 22.2R3-S6-EVO,
* from 22.4 before 22.4R3-S6-EVO,
* from 23.2 before 23.2R2-S3-EVO,
* from 23.4 before 23.4R2-S4-EVO,
* from 24.2 before 24.2R2-EVO.
Solution
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.