PT-2025-29255 · Juniper Networks · Junos Evolved

Published: 2025-07-09 · Updated: 2026-01-23 · CVE-2025-52985

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 23.2R2-S4-EVO; Juniper Networks Junos OS Evolved versions prior to 23.4R2-S5-EVO; Juniper Networks Junos OS Evolved versions prior to 24.2R2-S1-EVO; Juniper Networks Junos OS Evolved versions prior to 24.4R1-S3-EVO; Juniper Networks Junos OS Evolved version 24.4R2-EVO.
Description: A Use of Incorrect Operator vulnerability exists in the Routing Engine firewall of Juniper Networks Junos OS Evolved. This allows an unauthenticated, network-based attacker to bypass security restrictions. The issue occurs when a firewall filter applied to the lo0 or re:mgmt interface references a prefix list with 'from prefix-list', and that prefix list contains more than 10 entries. In such cases, the prefix list does not match, and packets destined to or from the local device are not filtered. This affects both IPv4 and IPv6 traffic as prefix lists can contain both types of prefixes. The vulnerability impacts firewall filters applied to the re:mgmt interfaces as input and output, and to the lo0 interface as output.
Recommendations: Update to Junos OS Evolved version 23.2R2-S4-EVO or later; 23.4R2-S5-EVO or later; 24.2R2-S1-EVO or later; or 24.4R1-S3-EVO or later.
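
To check whether a device's configuration meets the conditions in the description, the following added example (not Juniper's or this database's code) audits a configuration in `display set` form. It reports filters attached to re:mgmt (input or output) or lo0 (output) that use `from prefix-list` with a list of more than 10 entries. The sample configuration is constructed, and the management interface name form `re0:mgmt-0` is an assumption.

```python
import re
from collections import defaultdict

THRESHOLD = 10  # per the description: lists with more than 10 entries do not match

# Constructed sample in "display set" form; all names and addresses are made up.
SAMPLE = "\n".join(
    [f"set policy-options prefix-list MGMT-SRC 192.0.2.{i}/32" for i in range(1, 13)]
    + [
        "set policy-options prefix-list NTP 198.51.100.1/32",
        "set firewall family inet filter PROTECT-MGMT term allow from prefix-list MGMT-SRC",
        "set firewall family inet filter LO-OUT term ntp from prefix-list NTP",
        "set firewall family inet filter LO-IN term allow from prefix-list MGMT-SRC",
        "set interfaces re0:mgmt-0 unit 0 family inet filter input PROTECT-MGMT",
        "set interfaces lo0 unit 0 family inet filter output LO-OUT",
        "set interfaces lo0 unit 0 family inet filter input LO-IN",
    ]
)

PL = re.compile(r"^set policy-options prefix-list (\S+) (\S+/\d+)$")
REF = re.compile(r"^set firewall (?:family \S+ )?filter (\S+) term (\S+) from prefix-list (\S+)$")
ATT = re.compile(r"^set interfaces (\S+) unit \d+ family \S+ filter (input|output) (\S+)$")

def in_scope(ifname, direction):
    """Attachments named in the description: re:mgmt input/output, lo0 output."""
    # Assumption: management interfaces are named like re0:mgmt-0.
    return bool(re.fullmatch(r"re\d*:mgmt\S*", ifname)) or (ifname, direction) == ("lo0", "output")

def audit(config):
    """Return (interface, direction, filter, term, prefix_list, entries) tuples."""
    sizes, refs, findings = defaultdict(int), defaultdict(list), []
    lines = [line.strip() for line in config.splitlines()]
    for line in lines:
        if m := PL.match(line):
            sizes[m.group(1)] += 1                      # count entries per prefix list
        elif m := REF.match(line):
            refs[m.group(1)].append((m.group(2), m.group(3)))
    for line in lines:
        m = ATT.match(line)
        if not m or not in_scope(m.group(1), m.group(2)):
            continue
        for term, plist in refs.get(m.group(3), []):
            if sizes[plist] > THRESHOLD:
                findings.append((m.group(1), m.group(2), m.group(3), term, plist, sizes[plist]))
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("%s %s filter %s term %s: prefix-list %s has %d entries" % f)
```

A finding only means the configuration matches the stated conditions; whether the device is exposed also depends on running one of the affected versions listed above.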

Fix

Related Identifiers

BDU:2025-08755
CVE-2025-52985

Affected Products

Junos Evolved