Vulnerability Details CVE-2025-52958
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.
Continued session establishment failures leads to a sustained DoS condition.
This issue affects Junos OS:
* All versions before 22.2R3-S6,
* from 22.4 before 22.4R3-S6,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2;
Junos OS Evolved:
* All versions before 22.2R3-S6-EVO,
* from 22.4 before 22.4R3-S6-EVO,
* from 23.2 before 23.2R2-S3-EVO,
* from 23.4 before 23.4R2-S4-EVO,
* from 24.2 before 24.2R2-EVO.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.1%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2025-52958
-
cpe:2.3:o:juniper:junos:*
-
cpe:2.3:o:juniper:junos:22.2
-
cpe:2.3:o:juniper:junos:22.4
-
cpe:2.3:o:juniper:junos:23.2
-
cpe:2.3:o:juniper:junos:23.4
-
cpe:2.3:o:juniper:junos:24.2
-
cpe:2.3:o:juniper:junos_os_evolved:*
-
cpe:2.3:o:juniper:junos_os_evolved:22.2
-
cpe:2.3:o:juniper:junos_os_evolved:22.4
-
cpe:2.3:o:juniper:junos_os_evolved:23.2
-
cpe:2.3:o:juniper:junos_os_evolved:23.4
-
cpe:2.3:o:juniper:junos_os_evolved:24.2