CVE-2025-60003

CWE-126 Buffer Over-read | 4 documents | 4 sources
Severity
8.7 HIGH
EPSS
0.0%
top 95.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jan 15

Description

A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives a BGP update with a set of specific optional transitive attributes over an established peering session, rpd will crash and restart when attempting to advertise the received information to another peer. This issue can only happen if one or both of the BGP peers

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (4 packages)

CVEListV5 | juniper_networks/junos_os_evolved | 23.2 | 23.2R2-S5-EVO | +4
CVEListV5 | juniper_networks/junos_os | 23.2 | 23.2R2-S5 | +4
NVD | juniper/junos | < 22.4 | +5

Vulnerability Details (2)
CVEList
Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crash (2026-01-15)
GHSA
GHSA-crj7-7vc6-g6g3: A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, net (2026-01-15)

Vendor Advisories (1)
Juniper
CVE-2025-60003: A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, net (2026-01-15)
CVE-2025-60003 (HIGH CVSS 8.7) | A Buffer Over-read vulnerability in | cvebase.io