Main Vulnerability Database SB2025071849

SB2025071849 - Ui discrepancy for security feature in Juniper Junos OS

Published: July 18, 2025

Security Bulletin ID SB2025071849

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Ui discrepancy for security feature (CVE-ID: CVE-2025-52983)

The vulnerability allows a remote privileged user to execute arbitrary code.

The vulnerability exists due to ui discrepancy for security feature error in the UI. A remote privileged user can access the device.

On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root.

Remediation

Install update from vendor's website.

References

https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983