CVE-2025-30650
Missing Authentication in Junos OS Line Cards Allows Root Access
Publication date: 2026-04-08
Last updated on: 2026-04-13
Assigner: Juniper Networks, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos_os | Up to 22.4R3-S8 (exc) |
| juniper | junos_os | From 23.2 (inc) to 23.2R2-S6 (exc) |
| juniper | junos_os | From 23.4 (inc) to 23.4R2-S6 (exc) |
| juniper | junos_os | From 24.2 (inc) to 24.2R2-S3 (exc) |
| juniper | junos_os | From 24.4 (inc) to 24.4R2 (exc) |
| juniper | junos_os | From 25.2 (inc) to 25.2R2 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30650 is a vulnerability in Juniper Networks Junos OS that affects Linux-based line cards. It is a Missing Authentication for Critical Function vulnerability in the command processing of Junos OS, which allows a privileged local attacker to escalate their privileges to root without needing the root password.
Specifically, a local attacker with limited privileges (such as shell and maintenance access) can execute a script as root during the Flexible PIC Concentrator (FPC) boot-up process, thereby gaining persistent root access on the line card. This root access effectively grants full root control over the entire router.
The vulnerability affects multiple line card models including MPC7, MPC8, MPC9, MPC10, MPC11, LC2101, LC2103, LC480, LC4800, LC9600, MX304, MX-SPC3, SRX5K-SPC3, EX9200-40XS, FPC3-PTX-U2, FPC3-PTX-U3, FPC3-SFF-PTX, LC1101, LC1102, LC1104, and LC1105. It impacts all Junos OS versions before 22.4R3-S8, and the 23.2, 23.4, 24.2, 24.4 and 25.2 releases before their respective fixed releases listed in the Affected Vendors & Products table.
How can this vulnerability impact me?
This vulnerability allows a privileged local attacker to gain root access on the affected line cards running Junos OS Evolved. With root access, the attacker can fully control the router, potentially leading to unauthorized changes, data breaches, disruption of network services, and persistent compromise of the network infrastructure.
Because the attacker can execute scripts as root during the boot-up process, the compromise can be persistent and difficult to detect or remove without applying the appropriate security patches.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a privileged local attacker gaining root access on Linux-based line cards running Junos OS Evolved by exploiting missing authentication in command processing.
Detection would primarily involve verifying the Junos OS version running on affected line cards and checking for unauthorized root access or suspicious script executions during FPC boot-up.
Specifically, you can check the Junos OS version on your line cards to see if it falls within the vulnerable versions before applying patches.
- Use the command `show version` on the device to identify the Junos OS version.
- Check for unexpected root shell sessions or processes on the line cards by accessing the Linux shell on the affected FPCs.
- Review boot-up scripts or logs on the FPC for unauthorized script executions that could indicate exploitation.
Since the vulnerability requires local privileged access, monitoring for unusual local user activity or privilege escalations on the line cards is also recommended.
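The version check described above can be scripted across a fleet. The following is an added example, not code from Juniper or from this page: it classifies the `Junos:` line of `show version` output against the fixed releases this page lists. The function names and the sample output are constructed for illustration.

```python
import re

# First fixed release per train, as listed on this page:
# (year, minor) -> (R number, S number); S is 0 when there is no -S suffix.
FIRST_FIXED = {
    (22, 4): (3, 8), (23, 2): (2, 6), (23, 4): (2, 6), (24, 2): (2, 3),
    (24, 4): (2, 0), (25, 2): (2, 0), (25, 4): (1, 0),
}
# Matches e.g. 23.2R2-S5.3; the trailing build number is ignored.
VERSION_RE = re.compile(r"\b(\d{2})\.(\d)R(\d+)(?:-S(\d+))?(?:\.\d+)?\b")

def parse_junos_version(show_version_output):
    """Return ((year, minor), (R, S)) from the 'Junos:' line, or None."""
    for line in show_version_output.splitlines():
        if line.strip().startswith("Junos:"):
            m = VERSION_RE.search(line)
            if m:
                yy, n, r, s = m.groups()
                return (int(yy), int(n)), (int(r), int(s or 0))
    return None

def cve_2025_30650_status(show_version_output):
    parsed = parse_junos_version(show_version_output)
    if parsed is None:
        return "unparsed"       # e.g. a non-R build string; check by hand
    train, release = parsed
    if train in FIRST_FIXED:
        return "affected" if release < FIRST_FIXED[train] else "fixed"
    if train < min(FIRST_FIXED):
        return "affected"       # everything before 22.4R3-S8
    if train > max(FIRST_FIXED):
        return "fixed"          # later than the newest listed fixed release
    return "not-listed"         # train has no range on this page

# Constructed sample, not captured from a real device.
SAMPLE = """Hostname: lab-mx-01
Model: mx480
Junos: 23.2R2-S5.3
"""

if __name__ == "__main__":
    print(cve_2025_30650_status(SAMPLE))
```

An "affected" result only indicates exposure on a chassis that carries one of the Linux-based line cards listed above; "not-listed" means this page gives no range for that train, so consult the vendor advisory.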
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to apply the security patches provided by Juniper in the fixed Junos OS releases.
- Upgrade affected Junos OS versions to one of the fixed releases: 22.4R3-S8, 23.2R2-S6, 23.4R2-S6, 24.2R2-S3, 24.4R2, 25.2R2, 25.4R1, or any later versions.
- Restrict local privileged access to line cards to trusted administrators only.
- Monitor and audit local user activities on line cards to detect any unauthorized attempts to escalate privileges.
Applying patches is critical because the vulnerability allows privilege escalation to root without requiring the root password, which can lead to full control over the router.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows a privileged local attacker to gain root access on Juniper Networks Junos OS line cards, potentially compromising the confidentiality, integrity, and availability of the affected systems.
Such unauthorized root access could lead to unauthorized data access or manipulation, which may impact compliance with standards and regulations like GDPR and HIPAA that require strict controls over access to sensitive data and system integrity.
However, the provided information does not explicitly discuss the direct impact on compliance with these regulations or any specific compliance requirements.