CVE-2025-21596 — Improper Handling of Exceptional Conditions in Networks Junos OS

CWE-755 — Improper Handling of Exceptional Conditions4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 76.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJan 9

Description

An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting pac…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os22.2 — 22.2R3-S5+5

▶NVDjuniper/junos< 21.4+6

🔴Vulnerability Details

GHSA

GHSA-rxq5-5w2f-g92r: An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4↗2025-01-09

▶

CVEList

Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash↗2025-01-09

▶

📋Vendor Advisories

Juniper

CVE-2025-21596: An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4↗2025-01-09

▶