CVE-2025-60011

CWE-754 | 4 documents | 4 sources
Severity
6.9 MEDIUM
EPSS
0.0%
top 95.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jan 15

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices. When an affected device receives a specific optional, transitive BGP attribute over an existing BGP session, it will be erroneously modified before propagation to peers. When the attribute is detected as malformed by the peers, these pe

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L

Affected Packages (4 packages)

CVEListV5 | juniper_networks/junos_os_evolved | 23.2 | 23.2R2-S5-EVO | +4
CVEListV5 | juniper_networks/junos_os | 23.2 | 23.2R2-S5 | +4
NVD | juniper/junos | < 22.4 | +5

🔴Vulnerability Details

2
CVEList
Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propagation to peers causing sessions to flap (2026-01-15)
GHSA
GHSA-9j3f-4m2h-6f2h: An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS E (2026-01-15)

📋Vendor Advisories

1
Juniper
CVE-2025-60011: An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS E (2026-01-15)
CVE-2025-60011 (MEDIUM CVSS 6.9) | An Improper Check for Unusual or Ex | cvebase.io