Improper Check for Unusual or Exceptional Conditions in Junos OS Evolved - CVE-2025-59958
Published: October 13, 2025
Vulnerability identifier: #VU116938
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-59958
CWE-ID: CWE-754
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Junos OS Evolved
Junos OS Evolved
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack or gain access to sensitive information.
The vulnerability exists due to improper error handling in the Packet Forwarding Engine (PFE). When an output firewall filter is configured with one or more terms where the action is 'reject', packets matching these terms are erroneously sent to the Routing Engine (RE) and further processed there. Processing of these packets will consume limited RE resources. Also responses from the RE back to the source of this traffic could reveal confidential information about the affected device.
How to mitigate CVE-2025-59958
Install updates from vendor's website.