CVE-2025-52958

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 22.2R3-S6 Juniper Networks Junos OS versions 22.4 through 22.4R3-S6 Juniper Networks Junos OS versions 23.2 through 23.2R2-S3 Juniper Networks Junos OS versions 23.4 through 23.4R2-S4 Juniper Networks Junos OS versions 24.2 through 24.2R2 Juniper Networks Junos OS Evolved versions prior to 22.2R3-S6-EVO Juniper Networks Junos OS Evolved versions 22.4 through 22.4R3-S6-EVO Juniper Networks Junos OS Evolved versions 23.2 through 23.2R2-S3-EVO Juniper Networks Junos OS Evolved versions 23.4 through 23.4R2-S4-EVO Juniper Networks Junos OS Evolved versions 24.2 through 24.2R2-EVO

Description: A Reachable Assertion vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated, adjacent attacker can exploit this issue to cause a Denial of Service (DoS). When route validation is enabled, a rare condition during Border Gateway Protocol (BGP) initial session establishment, specifically during error handling, can lead to an rpd crash and restart. Repeated session establishment failures can result in a sustained DoS condition.

Recommendations: Update to Junos OS version 22.2R3-S6 or later. Update to Junos OS version 22.4R3-S6 or later. Update to Junos OS version 23.2R2-S3 or later. Update to Junos OS version 23.4R2-S4 or later. Update to Junos OS version 24.2R2 or later. Update to Junos OS Evolved version 22.2R3-S6-EVO or later. Update to Junos OS Evolved version 22.4R3-S6-EVO or later. Update to Junos OS Evolved version 23.2R2-S3-EVO or later. Update to Junos OS Evolved version 23.4R2-S4-EVO or later. Update to Junos OS Evolved version 24.2R2-EVO or later.