PT-2025-41402 · Juniper Networks · Junos+2
Published
2025-10-09
·
Updated
2025-10-09
·
CVE-2025-59957
CVSS v4.0
7.0
High
| Vector | AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:H/U:X |
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions prior to 21.4R3
Juniper Networks Junos OS versions 22.2 before 22.2R3-S3
Description
An Origin Validation Error exists in a file within Juniper Networks Junos OS on EX4600 Series and QFX5000 Series. An unauthenticated attacker with physical access can create a backdoor, gaining complete control of the system. When a root password is not configured, an attacker can modify a specific file, adding configuration statements to the Junos configuration without visibility. This allows the addition of unauthorized users, IP addresses, and other configurations. The exploit persists across reboots and even zeroization. The indicator of compromise is a modified
/etc/config/<platform>-defaults[-flex].conf file.Recommendations
For versions prior to 21.4R3, reinstall the system from physical media to restore a trusted initial configuration.
For versions 22.2 before 22.2R3-S3, reinstall the system from physical media to restore a trusted initial configuration.
Fix
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ex4600 Series
Junos
Qfx5000 Series