CVE-2025-52958
published 2025-07-11CVE-2025-52958: A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated…
medium6CVSS 4.0
AVAACHATPPRNUINVCNVINVAHSCNSINSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRAVXREMUGreen
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.
Continued session establishment failures leads to a sustained DoS condition.
This issue affects Junos OS:
* All versions before 22.2R3-S6,
* from 22.4 before 22.4R3-S6,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2;
Junos OS Evolved:
* All versions before 22.2R3-S6-EVO,
* from 22.4 before 22.4R3-S6-EVO,
* from 23.2 before 23.2R2-S3-EVO,
* from 23.4 before 23.4R2-S4-EVO,
* from 24.2 before 24.2R2-EVO.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | < 22.2 | 22.2 |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | junos_os_evolved | < 22.2 | 22.2 |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper_networks | junos_os | < 22.2R3-S6 | 22.2R3-S6 |
| juniper_networks | junos_os | >= 22.4 < 22.4R3-S6 | 22.4R3-S6 |
| juniper_networks | junos_os | >= 23.2 < 23.2R2-S3 | 23.2R2-S3 |
| juniper_networks | junos_os | >= 23.4 < 23.4R2-S4 | 23.4R2-S4 |
| juniper_networks | junos_os | >= 24.2 < 24.2R2 | 24.2R2 |
| juniper_networks | junos_os_evolved | < 22.2R3-S6-EVO | 22.2R3-S6-EVO |
| juniper_networks | junos_os_evolved | >= 22.4 < 22.4R3-S6-EVO | 22.4R3-S6-EVO |
| juniper_networks | junos_os_evolved | >= 23.2 < 23.2R2-S3-EVO | 23.2R2-S3-EVO |
| juniper_networks | junos_os_evolved | >= 23.4 < 23.4R2-S4-EVO | 23.4R2-S4-EVO |
| juniper_networks | junos_os_evolved | >= 24.2 < 24.2R2-EVO | 24.2R2-EVO |