CVE-2025-21590 - Juniper Junos OS
AI Vulnerability ContextAn Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9...
Overview
A source-backed snapshot of this vulnerability.
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:
- All versions before 21.2R3-S9,
- 21.4 versions before 21.4R3-S10,
- 22.2 versions before 22.2R3-S6,
- 22.4 versions before 22.4R3-S6,
- 23.2 versions before 23.2R2-S3,
- 23.4 versions before 23.4R2-S4,
- 24.2 versions before 24.2R1-S2, 24.2R2.
Vulnerability status
How serious this vulnerability is and whether it is known to be exploited.
- CVE ID
- CVE-2025-21590
- Vendor/project
- Juniper
- Product
- Junos OS
- Vulnerability name
- Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
- Date added
- 2025-03-13
- Due date
- 2025-04-03
- Known ransomware campaign use
- Unknown
- CVSS v3
- 4.4
- CVSS v4
- 6.7
Exploit context
What the vulnerability is about.
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:
- All versions before 21.2R3-S9,
- 21.4 versions before 21.4R3-S10,
- 22.2 versions before 22.2R3-S6,
- 22.4 versions before 22.4R3-S6,
- 23.2 versions before 23.2R2-S3,
- 23.4 versions before 23.4R2-S4,
- 24.2 versions before 24.2R1-S2, 24.2R2.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
