CVE-2025-30661

CWE-732 — Incorrect Permission Assignment3 documents3 sources

Severity

8.5HIGH

EPSS

0.0%

top 95.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJul 11

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed as root, leading to privilege escalation. A local user with access to the local file system can copy a script to the router in a way that will be executed as root, as the system boots. Execution of the script as root can lead to privilege escalation, potentially providing the adversary complete co…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os23.2 — 23.2R2-S4+3

▶NVDjuniper/junos4 versions+3

🔴Vulnerability Details

CVEList

Junos OS: Low-privileged user can cause script to run as root, leading to privilege escalation↗2025-07-11

▶

📋Vendor Advisories

Juniper

CVE-2025-30661: An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low↗2025-07-11

▶