CVE-2025-21590: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
First published: Wed Mar 12 2025(Updated: )
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos | ||
| Junos OS Evolved | <=21.2 | |
| Junos OS Evolved | =21.2-r1 | |
| Junos OS Evolved | =21.2-r1-s1 | |
| Junos OS Evolved | =21.2-r1-s2 | |
| Junos OS Evolved | =21.2-r2 | |
| Junos OS Evolved | =21.2-r2-s1 | |
| Junos OS Evolved | =21.2-r2-s2 | |
| Junos OS Evolved | =21.2-r3 | |
| Junos OS Evolved | =21.2-r3-s1 | |
| Junos OS Evolved | =21.2-r3-s2 | |
| Junos OS Evolved | =21.2-r3-s3 | |
| Junos OS Evolved | =21.2-r3-s4 | |
| Junos OS Evolved | =21.2-r3-s5 | |
| Junos OS Evolved | =21.2-r3-s6 | |
| Junos OS Evolved | =21.2-r3-s7 | |
| Junos OS Evolved | =21.2-r3-s8 | |
| Junos OS Evolved | =21.4 | |
| Junos OS Evolved | =21.4 | |
| Junos OS Evolved | =21.4-r1 | |
| Junos OS Evolved | =21.4-r1-s1 | |
| Junos OS Evolved | =21.4-r1-s2 | |
| Junos OS Evolved | =21.4-r2 | |
| Junos OS Evolved | =21.4-r2-s1 | |
| Junos OS Evolved | =21.4-r2-s2 | |
| Junos OS Evolved | =21.4-r3 | |
| Junos OS Evolved | =21.4-r3-s1 | |
| Junos OS Evolved | =21.4-r3-s2 | |
| Junos OS Evolved | =21.4-r3-s3 | |
| Junos OS Evolved | =21.4-r3-s4 | |
| Junos OS Evolved | =21.4-r3-s5 | |
| Junos OS Evolved | =21.4-r3-s6 | |
| Junos OS Evolved | =21.4-r3-s7 | |
| Junos OS Evolved | =21.4-r3-s8 | |
| Junos OS Evolved | =21.4-r3-s9 | |
| Junos OS Evolved | =22.2 | |
| Junos OS Evolved | =22.2-r1 | |
| Junos OS Evolved | =22.2-r1-s1 | |
| Junos OS Evolved | =22.2-r1-s2 | |
| Junos OS Evolved | =22.2-r2 | |
| Junos OS Evolved | =22.2-r2-s1 | |
| Junos OS Evolved | =22.2-r2-s2 | |
| Junos OS Evolved | =22.2-r3 | |
| Junos OS Evolved | =22.2-r3-s1 | |
| Junos OS Evolved | =22.2-r3-s2 | |
| Junos OS Evolved | =22.2-r3-s3 | |
| Junos OS Evolved | =22.2-r3-s4 | |
| Junos OS Evolved | =22.2-r3-s5 | |
| Junos OS Evolved | =22.4 | |
| Junos OS Evolved | =22.4 | |
| Junos OS Evolved | =22.4-r1 | |
| Junos OS Evolved | =22.4-r1-s1 | |
| Junos OS Evolved | =22.4-r1-s2 | |
| Junos OS Evolved | =22.4-r2 | |
| Junos OS Evolved | =22.4-r2-s1 | |
| Junos OS Evolved | =22.4-r2-s2 | |
| Junos OS Evolved | =22.4-r3 | |
| Junos OS Evolved | =22.4-r3-s1 | |
| Junos OS Evolved | =22.4-r3-s2 | |
| Junos OS Evolved | =22.4-r3-s3 | |
| Junos OS Evolved | =22.4-r3-s4 | |
| Junos OS Evolved | =22.4-r3-s5 | |
| Junos OS Evolved | =23.2 | |
| Junos OS Evolved | =23.2-r1 | |
| Junos OS Evolved | =23.2-r1-s1 | |
| Junos OS Evolved | =23.2-r1-s2 | |
| Junos OS Evolved | =23.2-r2 | |
| Junos OS Evolved | =23.2-r2-s1 | |
| Junos OS Evolved | =23.2-r2-s2 | |
| Junos OS Evolved | =23.4 | |
| Junos OS Evolved | =23.4 | |
| Junos OS Evolved | =23.4-r1 | |
| Junos OS Evolved | =23.4-r1-s1 | |
| Junos OS Evolved | =23.4-r1-s2 | |
| Junos OS Evolved | =23.4-r2 | |
| Junos OS Evolved | =23.4-r2-s1 | |
| Junos OS Evolved | =23.4-r2-s2 | |
| Junos OS Evolved | =23.4-r2-s3 | |
| Junos OS Evolved | =24.2 | |
| Junos OS Evolved | =24.2 | |
| Junos OS Evolved | =24.2-r1 | |
| Junos OS Evolved | =24.2-r1-s1 | |
| Junos OS Evolved | =24.2-r2 | |
| Juniper JUNOS | <21.2R3-S9<21.4R3-S10<22.2R3-S6<22.4R3-S6<23.2R2-S3<23.4R2-S4<24.2R1-S2<24.2R2 |
Remedy
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Remedy
The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases. Please note that this issue is not fixed for all platforms in the releases specified in the solution section. For the following products the fix is only available in these releases: SRX300 Series 21.2R3-S9*, 23.4R2-S5*, 24.4R1 SRX550HM 22.2R3-S7* EX4300 Series 21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution) EX4600 21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution) ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX500 21.2R3-S9* MX104 21.2R3-S9* * Future Release
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://supportportal.juniper.net/JSA93446
- https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
- https://www.bleepingcomputer.com/news/security/juniper-patches-bug-that-let-chinese-cyberspies-backdoor-routers-since-mid-2024/
- https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US
- https://nvd.nist.gov/vuln/detail/CVE-2025-21590
Frequently Asked Questions
What is the severity of CVE-2025-21590?
CVE-2025-21590 is rated as a high severity vulnerability due to its potential to compromise device integrity through improper isolation.
How do I fix CVE-2025-21590?
To mitigate CVE-2025-21590, it is recommended to update Junos OS to the latest version that addresses this vulnerability.
Who is affected by CVE-2025-21590?
CVE-2025-21590 affects Juniper Networks Junos OS versions up to 24.2R2, including specific versions prior to this.
What type of exploitation is possible with CVE-2025-21590?
CVE-2025-21590 can be exploited by a local attacker with high privileges to inject arbitrary code that compromises the device.
Is CVE-2025-21590 publicly disclosed?
Yes, CVE-2025-21590 has been publicly disclosed, allowing organizations to take necessary precautions and updates.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2025-21590
- agent/news-ai
- zeroday/true
- exploited/true
- agent/severity
- collector/cisa-known-exploited
- source/CISA
- agent/remedy
- agent/source
- agent/description
- agent/references
- agent/trending
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- vendor/juniper networks
- canonical/juniper junos
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/21.2
- version/junos os evolved/21.2-r1
- version/junos os evolved/21.2-r1-s1
- version/junos os evolved/21.2-r1-s2
- version/junos os evolved/21.2-r2
- version/junos os evolved/21.2-r2-s1
- version/junos os evolved/21.2-r2-s2
- version/junos os evolved/21.2-r3
- version/junos os evolved/21.2-r3-s1
- version/junos os evolved/21.2-r3-s2
- version/junos os evolved/21.2-r3-s3
- version/junos os evolved/21.2-r3-s4
- version/junos os evolved/21.2-r3-s5
- version/junos os evolved/21.2-r3-s6
- version/junos os evolved/21.2-r3-s7
- version/junos os evolved/21.2-r3-s8
- version/junos os evolved/21.4
- version/junos os evolved/21.4-r1
- version/junos os evolved/21.4-r1-s1
- version/junos os evolved/21.4-r1-s2
- version/junos os evolved/21.4-r2
- version/junos os evolved/21.4-r2-s1
- version/junos os evolved/21.4-r2-s2
- version/junos os evolved/21.4-r3
- version/junos os evolved/21.4-r3-s1
- version/junos os evolved/21.4-r3-s2
- version/junos os evolved/21.4-r3-s3
- version/junos os evolved/21.4-r3-s4
- version/junos os evolved/21.4-r3-s5
- version/junos os evolved/21.4-r3-s6
- version/junos os evolved/21.4-r3-s7
- version/junos os evolved/21.4-r3-s8
- version/junos os evolved/21.4-r3-s9
- version/junos os evolved/22.2
- version/junos os evolved/22.2-r1
- version/junos os evolved/22.2-r1-s1
- version/junos os evolved/22.2-r1-s2
- version/junos os evolved/22.2-r2
- version/junos os evolved/22.2-r2-s1
- version/junos os evolved/22.2-r2-s2
- version/junos os evolved/22.2-r3
- version/junos os evolved/22.2-r3-s1
- version/junos os evolved/22.2-r3-s2
- version/junos os evolved/22.2-r3-s3
- version/junos os evolved/22.2-r3-s4
- version/junos os evolved/22.2-r3-s5
- version/junos os evolved/22.4
- version/junos os evolved/22.4-r1
- version/junos os evolved/22.4-r1-s1
- version/junos os evolved/22.4-r1-s2
- version/junos os evolved/22.4-r2
- version/junos os evolved/22.4-r2-s1
- version/junos os evolved/22.4-r2-s2
- version/junos os evolved/22.4-r3
- version/junos os evolved/22.4-r3-s1
- version/junos os evolved/22.4-r3-s2
- version/junos os evolved/22.4-r3-s3
- version/junos os evolved/22.4-r3-s4
- version/junos os evolved/22.4-r3-s5
- version/junos os evolved/23.2
- version/junos os evolved/23.2-r1
- version/junos os evolved/23.2-r1-s1
- version/junos os evolved/23.2-r1-s2
- version/junos os evolved/23.2-r2
- version/junos os evolved/23.2-r2-s1
- version/junos os evolved/23.2-r2-s2
- version/junos os evolved/23.4
- version/junos os evolved/23.4-r1
- version/junos os evolved/23.4-r1-s1
- version/junos os evolved/23.4-r1-s2
- version/junos os evolved/23.4-r2
- version/junos os evolved/23.4-r2-s1
- version/junos os evolved/23.4-r2-s2
- version/junos os evolved/23.4-r2-s3
- version/junos os evolved/24.2
- version/junos os evolved/24.2-r1
- version/junos os evolved/24.2-r1-s1
- version/junos os evolved/24.2-r2