Security Alert (A25-01-06): Multiple Vulnerabilities in Juniper Networks Products


 

Published on: 09 January 2025

  
  

Description:

Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS, Junos OS Evolved and Junos Space. For detailed information about the vulnerabilities, please refer to the corresponding security advisories at vendor's website.

 

Affected Systems:

  • Juniper Networks Junos OS
  • Juniper Networks Junos OS Evolved
  • Juniper Networks Junos Space

For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege, information disclosure or security restriction bypass on an affected system.

 

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-On-SRv6-enabled-devices-an-attacker-sending-a-malformed-BGP-update-can-cause-the-rpd-to-crash-CVE-2025-21593
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specially-crafted-BGP-update-packet-causes-RPD-crash-CVE-2025-21602
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-certain-BGP-options-enabled-receipt-of-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-21600
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specifically-malformed-IPv6-packets-causes-kernel-memory-exhaustion-leading-to-Denial-of-Service-CVE-2025-21599
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-highly-sensitive-information-on-file-system-CVE-2025-21592
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-Execution-of-low-privileged-CLI-command-results-in-chassisd-crash-CVE-2025-21596
  • https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805 (to CVE-2022-24810)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3255
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6240
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6516
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6683
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42467
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52463
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52801
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1488
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25742 (to CVE-2024-25743)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26629 (to CVE-2024-26630)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26720
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26886
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26946
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834 (to CVE-2024-28835)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32462
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35791
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35797
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35875
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36000
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36019
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36883
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36979
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38559
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38619
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39894
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40927
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40936
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41040
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41044
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41055
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41073
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41096
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42082
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42096
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42102
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42131
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 (to CVE-2024-45492)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21592 (to CVE-2025-21593)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21596
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21598 (to CVE-2025-21600)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21602


Tag: Juniper , Junos OS , Junos Space
Tags