CVE-2025-21590

Name: CVE-2025-21590
Creator: NVD / NIST
Published: 2025-03-12T14:15:15.447+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.7/10Actively ExploitedEPSS 1.66%

Last modified Jun 17, 2026

CVE-2025-21590 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.. CISA has confirmed active exploitation in the wild. EPSS estimates a 1.66% chance of exploitation in the next 30 days.

Description

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.

Metrics

CVSS 3.1

4.4/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS 4.0

6.7/10

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

1.66%

73.6th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Apr 3, 2025.

Weakness Enumeration

CWE-653

Affected Software

Vendor	Product	Versions	Update
Juniper	Junos	<= 21.2	—
Juniper	Junos	21.2	R1
Juniper	Junos	21.4	—
Juniper	Junos	22.2	—
Juniper	Junos	22.4	—
Juniper	Junos	23.2	—
Juniper	Junos	23.4	—
Juniper	Junos	24.2	—

References

https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routersThird Party Advisory
https://supportportal.juniper.net/JSA93446Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590US Government Resource

Timeline

Published: Mar 12, 2025
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-21590?

How severe is CVE-2025-21590?

CVE-2025-21590 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 1.66% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2025-21590?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-21590?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST