Security updates: Attackers can crash network devices with Junos OS

Juniper devices with Junos OS could be targeted by attackers due to security vulnerabilities. Security updates are available for download. So far there are no reports of ongoing attacks.

DoS vulnerabilities

If BGP (Border Gateway Protocol) trace options are configured on devices, attackers can exploit a vulnerability (CVE-2025-21598"high") to cause the RPD service to crash. Attacks should be possible without authentication.

This also applies to the next vulnerability (CVE-2025-21599"high"). In this case, prepared IPv6 packets can lead to DoS states so that devices no longer function reliably. The remaining vulnerabilities are classified as"medium" threat level. Crashes can also occur here. Attackers can also gain unauthorized access to data.

Juniper lists the Junos OS versions secured against this in the following warning messages. List sorted by threat level in descending order:

• Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash (CVE-2025-21598)
• unos OS Evolved: Receipt of specifically malformed IPv6 packets causes kernel memory exhaustion leading to Denial of Service (CVE-2025-21599)
• Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash (CVE-2025-21593)
• Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash (CVE-2025-21602)
• Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash (CVE-2025-21600)
• Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash (CVE-2025-21596)
• Junos OS: SRX Series: Low privileged user able to access highly sensitive information on file system (CVE-2025-21592)

Read also

Juniper: More than 30 security vulnerabilities patched

(des)