UI discrepancy for security feature in Juniper Junos OS - CVE-2025-52983

 


Published: July 18, 2025


Vulnerability identifier: #VU113062
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-52983
CWE-ID: CWE-446
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Juniper Junos OS

Detailed vulnerability description

The vulnerability allows a remote privileged user to execute arbitrary code.

The vulnerability exists due to a UI discrepancy for a security feature (CWE-446). A remote privileged user can access the device.

On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users who are in possession of the corresponding private key can still log in as root.
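
A detection check for the condition described above, added here as an example and not taken from Juniper or from this advisory: it flags root public-key logins whose key fingerprint is not among the keys currently configured under system root-authentication. It assumes the device's sshd writes OpenSSH-style "Accepted publickey" lines with SHA256 fingerprints; the function names, key blobs, hostname and addresses are constructed.

```python
import base64
import hashlib
import re

# Junos "set" form: set system root-authentication ssh-rsa "ssh-rsa <blob> [comment]"
CONFIG_KEY = re.compile(r'^set system root-authentication \S+ "\S+ ([A-Za-z0-9+/=]+)')
# OpenSSH success line (assumed log format): "... ssh2: RSA SHA256:<fingerprint>"
ACCEPTED = re.compile(
    r"Accepted publickey for root from (\S+) port \d+ ssh2: \S+ (SHA256:\S+)")

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def configured_fingerprints(set_config):
    """Fingerprints of every root key still present in the configuration."""
    found = (CONFIG_KEY.match(line.strip()) for line in set_config.splitlines())
    return {fingerprint(m.group(1)) for m in found if m}

def unexpected_root_logins(set_config, log_text):
    """(source address, fingerprint) for root logins with an unconfigured key."""
    allowed = configured_fingerprints(set_config)
    hits = []
    for line in log_text.splitlines():
        m = ACCEPTED.search(line)
        if m and m.group(2) not in allowed:
            hits.append((m.group(1), m.group(2)))
    return hits

# Constructed sample data: placeholder blobs, not real SSH keys.
KEPT = base64.b64encode(b"constructed key still configured").decode()
REMOVED = base64.b64encode(b"constructed key removed from config").decode()
SAMPLE_CONFIG = f'set system root-authentication ssh-rsa "ssh-rsa {KEPT} admin@example"'
SAMPLE_LOG = "\n".join([
    "Jul 18 10:00:01 re0 sshd[1001]: Accepted publickey for root from "
    f"192.0.2.10 port 50022 ssh2: RSA {fingerprint(KEPT)}",
    "Jul 18 10:05:42 re0 sshd[1002]: Accepted publickey for root from "
    f"192.0.2.77 port 50311 ssh2: RSA {fingerprint(REMOVED)}",
])

if __name__ == "__main__":
    for source, fp in unexpected_root_logins(SAMPLE_CONFIG, SAMPLE_LOG):
        print(f"root login from {source} with unconfigured key {fp}")
```

A hit for a key that was already deleted from the configuration matches the behaviour this advisory describes and is worth investigating.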


How to mitigate CVE-2025-52983

Install updates from the vendor's website.
