CVE-2025-30661

EPSS 0.02%
Veröffentlicht 11.07.2025 14:38:52
Zuletzt bearbeitet 26.01.2026 19:28:14
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed as root, leading to privilege escalation.

A local user with access to the local file system can copy a script to the router in a way that will be executed as root, as the system boots. Execution of the script as root can lead to privilege escalation, potentially providing the adversary complete control of the system.

This issue only affects specific line cards, such as the MPC10, MPC11, LC4800, LC9600, MX304-LMIC16, SRX4700, and EX9200-15C.

This issue affects Junos OS:  *  from 23.2 before 23.2R2-S4, 
  *  from 23.4 before 23.4R2-S5, 
  *  from 24.2 before 24.2R2-S1, 
  *  from 24.4 before 24.4R1-S3, 24.4R2.






This issue does not affect versions prior to 23.1R2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version23.2 Update-

   Juniper ≫ Ex9200-15c Version-
   Juniper ≫ Lc4800 Version-
   Juniper ≫ Lc9600 Version-
   Juniper ≫ Mpc10e-10c Version-
   Juniper ≫ Mpc10e-15c Version-
   Juniper ≫ Mpc11 Version-
   Juniper ≫ Mx304-lmic16 Version-
   Juniper ≫ Srx4700 Version-

Juniper ≫ Junos Version23.2 Updater1

Juniper ≫ Junos Version23.2 Updater1-s1

Juniper ≫ Junos Version23.2 Updater1-s2

Juniper ≫ Junos Version23.2 Updater2

Juniper ≫ Junos Version23.2 Updater2-s1

Juniper ≫ Junos Version23.2 Updater2-s2

Juniper ≫ Junos Version23.2 Updater2-s3

Juniper ≫ Junos Version23.4 Update-

Juniper ≫ Junos Version23.4 Updater1

Juniper ≫ Junos Version23.4 Updater1-s1

Juniper ≫ Junos Version23.4 Updater1-s2

Juniper ≫ Junos Version23.4 Updater2

Juniper ≫ Junos Version23.4 Updater2-s1

Juniper ≫ Junos Version23.4 Updater2-s2

Juniper ≫ Junos Version23.4 Updater2-s3

Juniper ≫ Junos Version23.4 Updater2-s4

Juniper ≫ Junos Version24.2 Update-

Juniper ≫ Junos Version24.2 Updater1

Juniper ≫ Junos Version24.2 Updater1-s1

Juniper ≫ Junos Version24.2 Updater1-s2

Juniper ≫ Junos Version24.2 Updater2

Juniper ≫ Junos Version24.4 Update-

Juniper ≫ Junos Version24.4 Updater1

Juniper ≫ Junos Version24.4 Updater1-s2

Juniper ≫ Junos Version24.4 Updater2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.023

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
sirt@juniper.net	8.5	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:M/U:Amber
sirt@juniper.net	7.3	1.3	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

https://supportportal.juniper.net/JSA100057

Vendor Advisory

https://github.com/orangecertcc/security-research/security/advisories/GHSA-2p66-9j7x-fmch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-30661

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-30661

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-30661

EUVD