CVE-2025-59961

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 21.2R3-S10 Juniper Networks Junos OS versions 22.2 Juniper Networks Junos OS versions prior to 21.4R3-S12 Juniper Networks Junos OS versions prior to 22.4R3-S8 Juniper Networks Junos OS versions prior to 23.2R2-S5 Juniper Networks Junos OS versions prior to 23.4R2-S6 Juniper Networks Junos OS versions prior to 24.2R2-S2 Juniper Networks Junos OS versions prior to 24.4R2 Juniper Networks Junos OS versions prior to 25.2R1-S1 and 25.2R2 Juniper Networks Junos OS Evolved versions prior to 22.4R3-S8-EVO Juniper Networks Junos OS Evolved versions prior to 23.2R2-S5-EVO Juniper Networks Junos OS Evolved versions prior to 23.4R2-S6-EVO Juniper Networks Junos OS Evolved versions prior to 24.2R2-S2-EVO Juniper Networks Junos OS Evolved versions prior to 24.4R2-EVO Juniper Networks Junos OS Evolved versions prior to 25.2R1-S1-EVO and 25.2R2-EVO

Description An incorrect permission assignment exists for a critical resource within the Juniper DHCP daemon (jdhcpd) in Juniper Networks Junos OS and Junos OS Evolved. This allows a local user with low privileges to write to the Unix socket used to manage the jdhcpd process, potentially granting them complete control over the resource. A user with low privileges can connect to the Unix socket and issue commands to manage the DHCP service, effectively gaining administrative control of the local DHCP server or DHCP relay.

Recommendations Update Junos OS to version 21.2R3-S10 or later. Update Junos OS to version 21.4R3-S12 or later. Update Junos OS to version 22.4R3-S8 or later. Update Junos OS to version 23.2R2-S5 or later. Update Junos OS to version 23.4R2-S6 or later. Update Junos OS to version 24.2R2-S2 or later. Update Junos OS to version 24.4R2 or later. Update Junos OS to version 25.2R1-S1 or 25.2R2 or later. Update Junos OS Evolved to version 22.4R3-S8-EVO or later. Update Junos OS Evolved to version 23.2R2-S5-EVO or later. Update Junos OS Evolved to version 23.4R2-S6-EVO or later. Update Junos OS Evolved to version 24.2R2-S2-EVO or later. Update Junos OS Evolved to version 24.4R2-EVO or later. Update Junos OS Evolved to version 25.2R1-S1-EVO or 25.2R2-EVO or later.