PT-2025-29233 · Mpc11+6 · Mpc11+7
Orangecertcc
·
Published
2025-07-09
·
Updated
2025-07-11
·
CVE-2025-30661
CVSS v4.0
8.5
High
| Vector | AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS versions 23.2 through 23.2R2-S4
Juniper Networks Junos OS versions 23.4 through 23.4R2-S5
Juniper Networks Junos OS versions 24.2 through 24.2R2-S1
Juniper Networks Junos OS versions 24.4 through 24.4R1-S3
Juniper Networks Junos OS version 24.4R2
Description:
An incorrect permission assignment for a critical resource in line card script processing allows a local, low-privileged user to install scripts that are executed as root, leading to privilege escalation. A local user with access to the local file system can copy a script to the router in a way that will be executed as root during system boot. Execution of the script as root can lead to complete system control. This issue affects specific line cards, including the MPC10, MPC11, LC4800, LC9600, MX304-LMIC16, SRX4700, and EX9200-15C.
Recommendations:
Juniper Networks Junos OS versions prior to 23.2R2 should be upgraded.
Juniper Networks Junos OS versions prior to 23.4R2-S5 should be upgraded.
Juniper Networks Junos OS versions prior to 24.2R2-S1 should be upgraded.
Juniper Networks Junos OS versions prior to 24.4R1-S3 and 24.4R2 should be upgraded.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ex9200-15C
Junos
Lc4800
Lc9600
Mpc10
Mpc11
Mx304-Lmic16
Srx4700