NULL pointer dereference in Juniper Junos OS - CVE-2025-60007

 


Published: January 20, 2026


Vulnerability identifier: #VU121684
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-60007
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Juniper Junos OS

Detailed vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the chassis daemon (chassisd). A local user can cause a denial of service (DoS).

When a user executes the 'show chassis' command with specifically crafted options, chassisd will crash and restart.

As a result, all components in the chassis except the Routing Engine (RE) are reinitialized, causing a complete service outage from which the system recovers automatically.


How to mitigate CVE-2025-60007

Install updates from the vendor's website.

Sources