CVE-2025-52954

{"id": "CVE-2025-52954", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-11T15:15:26.270", "references": [{"url": "https://supportportal.juniper.net/JSA100060", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A Missing Authorization vulnerability in the internal virtual routing and forwarding (VRF) of Juniper Networks Junos OS Evolved\u00a0allows a local, low-privileged user to gain root privileges, leading to a system compromise.\n\nAny low-privileged user with the capability to send packets over the internal VRF can execute arbitrary Junos commands and modify the configuration, and thus compromise the system.\u00a0\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 22.2R3-S7-EVO,\u00a0\n * from 22.4 before 22.4R3-S7-EVO,\u00a0\n * from 23.2 before 23.2R2-S4-EVO,\u00a0\n * from 23.4 before 23.4R2-S5-EVO,\u00a0\n * from 24.2 before\u00a024.2R2-S1-EVO\n * from 24.4 before 24.4R1-S2-EVO, 24.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de falta de autorizaci\u00f3n en el enrutamiento y reenv\u00edo virtual (VRF) interno de Juniper Networks Junos OS Evolved permite que un usuario local con pocos privilegios obtenga permisos de root, lo que compromete el sistema. Cualquier usuario con pocos privilegios capaz de enviar paquetes a trav\u00e9s del VRF interno puede ejecutar comandos arbitrarios de Junos y modificar la configuraci\u00f3n, comprometiendo as\u00ed el sistema. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 22.2R3-S7-EVO, * desde la versi\u00f3n 22.4 hasta la 22.4R3-S7-EVO, * desde la versi\u00f3n 23.2 hasta la 23.2R2-S4-EVO, * desde la versi\u00f3n 23.4 hasta la 23.4R2-S5-EVO, * desde la versi\u00f3n 24.2 hasta la 24.2R2-S1-EVO, * desde la versi\u00f3n 24.4 hasta la 24.4R1-S2-EVO, 24.4R2-EVO."}], "lastModified": "2026-01-23T19:37:01.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D30A46A8-A9FE-48FF-BC88-841493254FBB", "versionEndExcluding": "22.2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD0A8640-4448-41AB-84D1-431C56397223"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871432BA-CA86-4EAE-A602-F02AF008B682"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89CD04DA-5669-4BBF-9C77-2DC68BFB9327"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72A89D1E-9EA4-4959-9F54-84F1F99A4ADB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01980CDF-A5CE-480D-BCED-BD5E29E4DE5F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A903B31-D9E5-43FA-B09F-7E7769803720"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E779C0D4-A8F7-4976-B3C8-B9802B96E715"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "080BEA58-9667-4C2C-810D-DC1187DB67DA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B32ADA05-5F5D-45B6-BB7B-3FA6A6F229F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6526E82-A6A6-4A65-9B01-B3FCB947F44E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25DA0DD2-E974-448C-BD05-ED6FCA4725FB"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}