CVE-2025-52964
BaseFortify
Publication date: 2025-07-11
Last updated on: 2025-07-15
Assigner: Juniper Networks, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos_os_evolved | * |
| juniper | junos_os | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Reachable Assertion flaw in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated attacker on the network to cause a Denial of Service (DoS) by sending a specific BGP UPDATE packet. When the device receives this packet, the rpd crashes and restarts. If the attacker continuously sends this packet, it causes a sustained DoS condition. The vulnerability only occurs if BGP multipath with "pause-computation-during-churn" is configured and the attacker sends the paths via a BGP UPDATE from an established BGP peer.
How can this vulnerability impact me?
This vulnerability can impact you by causing a Denial of Service (DoS) on affected Juniper devices running Junos OS or Junos OS Evolved. The rpd process crashes and restarts upon receiving a specific malicious BGP UPDATE packet, potentially disrupting network routing and availability. Continuous exploitation can lead to sustained network outages or degraded network performance.