CVE-2025-21590

MEDIUM KEV

Juniper Networks Junos OS <21.2R3-S9, <21.4R3-S10, <22.2R3-S - Priv...

Title source: llm

Description

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI.

This issue affects Junos OS:

* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.

Scores

CVSS v3 4.4
EPSS 0.0149
EPSS Percentile 81.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Details

CISA KEV 2025-03-13
VulnCheck KEV 2025-03-12
ENISA EUVD EUVD-2025-6303
CWE CWE-653
Status published
Products (4)
juniper/junos 21.2 r1 (15 CPE variants)
juniper/junos 21.4 (18 CPE variants)
juniper/junos 22.2 (13 CPE variants)
juniper/junos 22.4 (4 CPE variants)
Published Mar 12, 2025
KEV Added Mar 13, 2025
Tracked Since Feb 18, 2026