PT-2025-1073 · Juniper Networks · Junos

Published: 2025-01-08 · Updated: 2026-01-26 · CVE-2025-21592

CVSS v4.0: 6.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions

Junos OS SRX Series versions prior to 21.4R3-S8
Junos OS SRX Series versions 22.2 through 22.2R3-S5
Junos OS SRX Series versions 22.3 through 22.3R3-S3
Junos OS SRX Series versions 22.4 through 22.4R3-S2
Junos OS SRX Series versions 23.2 through 23.2R2-S1
Junos OS SRX Series versions 23.4 through 23.4R2

Description

The issue is related to insufficient protection of sensitive data in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices. This allows a local, low-privileged user with access to the Junos CLI to view the contents of sensitive files on the file system. By executing either the show services advanced-anti-malware or show services security-intelligence command, a user with limited permissions can access protected files that should not be accessible to the user. These files may contain sensitive information that can be used to cause further impact to the system.

Recommendations

For versions prior to 21.4R3-S8, update to version 21.4R3-S8 or later.
For versions 22.2 through 22.2R3-S5, update to version 22.2R3-S5 or later.
For versions 22.3 through 22.3R3-S3, update to version 22.3R3-S3 or later.
For versions 22.4 through 22.4R3-S2, update to version 22.4R3-S2 or later.
For versions 23.2 through 23.2R2-S1, update to version 23.2R2-S1 or later.
For versions 23.4 through 23.4R2, update to version 23.4R2 or later.

As a temporary workaround, consider restricting access to the show services advanced-anti-malware and show services security-intelligence commands until a patch is available.
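
To triage an SRX inventory against the update targets listed above, the following added example (not part of the advisory or of any Juniper tooling) classifies a Junos version string per release train. It assumes versions of the form 22.4R3-S2 with an optional trailing build number, treats a device at exactly the listed target as compliant, and reports trains the advisory does not list as not-listed; the hostnames are constructed.

```python
import re

# Minimum release per train, copied from the Recommendations above.
FIXED = {
    (21, 4): "21.4R3-S8",
    (22, 2): "22.2R3-S5",
    (22, 3): "22.3R3-S3",
    (22, 4): "22.4R3-S2",
    (23, 2): "23.2R2-S1",
    (23, 4): "23.4R2",
}

# Assumed format: <major>.<minor>R<release>[-S<service>][.<build>]
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse(version):
    """Return (major, minor, release, service); a missing -S part counts as 0."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


def triage(version):
    """Return 'update', 'ok' or 'not-listed' for one SRX Junos version."""
    parsed = parse(version)
    train = parsed[:2]
    if train < (21, 4):
        return "update"          # "versions prior to 21.4R3-S8"
    if train not in FIXED:
        return "not-listed"      # advisory gives no target for this train
    return "update" if parsed < parse(FIXED[train]) else "ok"


def report(inventory):
    """Map each host in {host: version} to its triage result."""
    return {host: triage(version) for host, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory.
    sample = {"srx-edge-01": "21.4R3-S7", "srx-edge-02": "22.4R3-S2.4",
              "srx-dc-01": "23.4R1-S2", "srx-lab-01": "24.2R1"}
    for host, state in report(sample).items():
        print(f"{host}: {state}")
```
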

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2025-00307
CVE-2025-21592

Affected Products

Junos