6.7

CVE-2025-21590

Warning
Media report

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.

A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS: 



  *  All versions before 21.2R3-S9,
  *  21.4 versions before 21.4R3-S10, 
  *  22.2 versions before 22.2R3-S6, 
  *  22.4 versions before 22.4R3-S6, 
  *  23.2 versions before 23.2R2-S3, 
  *  23.4 versions before 23.4R2-S4,
  *  24.2 versions before 24.2R1-S2, 24.2R2.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Update- Version <= 21.2
JuniperJunos Version21.2 Updater1
JuniperJunos Version21.2 Updater1-s1
JuniperJunos Version21.2 Updater1-s2
JuniperJunos Version21.2 Updater2
JuniperJunos Version21.2 Updater2-s1
JuniperJunos Version21.2 Updater2-s2
JuniperJunos Version21.2 Updater3
JuniperJunos Version21.2 Updater3-s1
JuniperJunos Version21.2 Updater3-s2
JuniperJunos Version21.2 Updater3-s3
JuniperJunos Version21.2 Updater3-s4
JuniperJunos Version21.2 Updater3-s5
JuniperJunos Version21.2 Updater3-s6
JuniperJunos Version21.2 Updater3-s7
JuniperJunos Version21.2 Updater3-s8
JuniperJunos Version21.4
JuniperJunos Version21.4 Update-
JuniperJunos Version21.4 Updater1
JuniperJunos Version21.4 Updater1-s1
JuniperJunos Version21.4 Updater1-s2
JuniperJunos Version21.4 Updater2
JuniperJunos Version21.4 Updater2-s1
JuniperJunos Version21.4 Updater2-s2
JuniperJunos Version21.4 Updater3
JuniperJunos Version21.4 Updater3-s1
JuniperJunos Version21.4 Updater3-s2
JuniperJunos Version21.4 Updater3-s3
JuniperJunos Version21.4 Updater3-s4
JuniperJunos Version21.4 Updater3-s5
JuniperJunos Version21.4 Updater3-s6
JuniperJunos Version21.4 Updater3-s7
JuniperJunos Version21.4 Updater3-s8
JuniperJunos Version21.4 Updater3-s9
JuniperJunos Version22.2 Update-
JuniperJunos Version22.2 Updater1
JuniperJunos Version22.2 Updater1-s1
JuniperJunos Version22.2 Updater1-s2
JuniperJunos Version22.2 Updater2
JuniperJunos Version22.2 Updater2-s1
JuniperJunos Version22.2 Updater2-s2
JuniperJunos Version22.2 Updater3
JuniperJunos Version22.2 Updater3-s1
JuniperJunos Version22.2 Updater3-s2
JuniperJunos Version22.2 Updater3-s3
JuniperJunos Version22.2 Updater3-s4
JuniperJunos Version22.2 Updater3-s5
JuniperJunos Version22.4
JuniperJunos Version22.4 Update-
JuniperJunos Version22.4 Updater1
JuniperJunos Version22.4 Updater1-s1
JuniperJunos Version22.4 Updater1-s2
JuniperJunos Version22.4 Updater2
JuniperJunos Version22.4 Updater2-s1
JuniperJunos Version22.4 Updater2-s2
JuniperJunos Version22.4 Updater3
JuniperJunos Version22.4 Updater3-s1
JuniperJunos Version22.4 Updater3-s2
JuniperJunos Version22.4 Updater3-s3
JuniperJunos Version22.4 Updater3-s4
JuniperJunos Version22.4 Updater3-s5
JuniperJunos Version23.2 Update-
JuniperJunos Version23.2 Updater1
JuniperJunos Version23.2 Updater1-s1
JuniperJunos Version23.2 Updater1-s2
JuniperJunos Version23.2 Updater2
JuniperJunos Version23.2 Updater2-s1
JuniperJunos Version23.2 Updater2-s2
JuniperJunos Version23.4
JuniperJunos Version23.4 Update-
JuniperJunos Version23.4 Updater1
JuniperJunos Version23.4 Updater1-s1
JuniperJunos Version23.4 Updater1-s2
JuniperJunos Version23.4 Updater2
JuniperJunos Version23.4 Updater2-s1
JuniperJunos Version23.4 Updater2-s2
JuniperJunos Version23.4 Updater2-s3
JuniperJunos Version24.2
JuniperJunos Version24.2 Update-
JuniperJunos Version24.2 Updater1
JuniperJunos Version24.2 Updater1-s1
JuniperJunos Version24.2 Updater2

13.03.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

Vulnerability

Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.

Description

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Required actions
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 5.28% 0.896
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
sirt@juniper.net 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
sirt@juniper.net 6.7 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-653 Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.