CVE-2025-52958
BaseFortify
Publication date: 2025-07-11
Last updated on: 2025-07-15
Assigner: Juniper Networks, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos_os_evolved | * |
| juniper | junos_os | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Reachable Assertion issue in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) by triggering a rare condition during BGP initial session establishment when route validation is enabled. Specifically, if the connection request fails during an error-handling scenario, the rpd process crashes and restarts. Repeated failures lead to a sustained DoS condition.
How can this vulnerability impact me?
The vulnerability can cause a Denial of Service (DoS) on affected Junos OS and Junos OS Evolved devices. This means that the routing protocol daemon (rpd) can crash and restart repeatedly, disrupting network routing and potentially causing network outages or degraded network performance.