CVE-2025-60011
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: Juniper Networks, Inc.

Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices. When an affected device receives a specific optional, transitive BGP attribute over an existing BGP session, it will be erroneously modified before propagation to peers. When the attribute is detected as malformed by the peers, these peers will most likely terminate the BGP sessions with the affected devices and thereby cause an availability impact due to the resulting routing churn. This issue affects: Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5 * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2; Junos OS Evolved:Β  * all versions before 22.4R3-S8-EVO, * 23.2 versions before 23.2R2-S5-EVO, * 23.4 versions before 23.4R2-S6-EVO, * 24.2 versions before 24.2R2-S2-EVO, * 24.4 versions before 24.4R2-EVO.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-01-15
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-60011
EUVD
EUVD-2026-2713
Affected Vendors & Products
Showing 10 associated CPEs
Vendor Product Version / Range
juniper junoss to 22.4R3-S8 (exc)
juniper junoss to 23.2R2-S5 (exc)
juniper junoss to 23.4R2-S6 (exc)
juniper junoss to 24.2R2-S2 (exc)
juniper junoss to 24.4R2 (exc)
juniper junosevolved to 22.4R3-S8-EVO (exc)
juniper junosevolved to 23.2R2-S5-EVO (exc)
juniper junosevolved to 23.4R2-S6-EVO (exc)
juniper junosevolved to 24.2R2-S2-EVO (exc)
juniper junosevolved to 24.4R2-EVO (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-754 The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Check for Unusual or Exceptional Conditions in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated, network-based attacker to send a specific optional, transitive BGP attribute over an existing BGP session. The affected device erroneously modifies this attribute before propagating it to peers. When peers detect the attribute as malformed, they likely terminate the BGP sessions with the affected device, causing routing disruptions and availability impact.

Impact Analysis

The vulnerability can cause an availability impact by disrupting BGP sessions between devices. When peers terminate BGP sessions due to malformed attributes, it results in routing churn, which can lead to network instability and downtime for downstream devices relying on the affected routing infrastructure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-60011. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart