PT-2025-29253 · Juniper Networks · Junos

Published: 2025-07-09 · Updated: 2026-01-23 · CVE-2025-52983

CVSS v2.0: 9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS versions prior to 22.2R3-S7
Juniper Networks Junos OS versions 22.4 through 22.4R3-S5
Juniper Networks Junos OS versions 23.2 through 23.2R2-S3
Juniper Networks Junos OS versions 23.4 through 23.4R2-S3
Juniper Networks Junos OS versions 24.2 through 24.2R1-S2, 24.2R2

Description: A UI discrepancy exists in Juniper Networks Junos OS on VM Host systems, allowing a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users possessing the corresponding private key can still log in as root.

Recommendations:
Update to Junos OS version 22.2R3-S7 or later.
Update to Junos OS version 22.4R3-S5 or later.
Update to Junos OS version 23.2R2-S3 or later.
Update to Junos OS version 23.4R2-S3 or later.
Update to Junos OS version 24.2R1-S2 or later.
Update to Junos OS version 24.2R2 or later.

Related Identifiers

BDU:2025-08754
CVE-2025-52983

Affected Products

Junos