Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. This vulnerability allows an unauthenticated, network-based attacker to cause a crash and restart of the rpd process. The issue arises when an affected system receives a specific BGP EVPN update message over an established BGP session. Notably, a BGP EVPN configuration is not required for the vulnerability to be exploited; however, the vulnerable device must be configured to receive BGP EVPN updates from peers. This vulnerability impacts both iBGP and eBGP, over IPv4 and IPv6.
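To check which devices meet the precondition described above, the following added example (not from Juniper or from this page) scans `show configuration | display set` output for BGP scopes that have the EVPN address family enabled. It assumes that "configured to receive BGP EVPN updates" corresponds to the Junos `family evpn signaling` statement; the sample configuration, group names and addresses are constructed.

```python
import re

# Assumption (not stated on the page): "configured to receive BGP EVPN updates"
# maps to the Junos statement "family evpn signaling" under protocols bgp.
EVPN_RE = re.compile(
    r"^set\s+(?:logical-systems\s+\S+\s+)?"
    r"(?:routing-instances\s+(?P<ri>\S+)\s+)?"
    r"protocols\s+bgp\s+"
    r"(?:group\s+(?P<group>\S+)\s+)?"
    r"(?:neighbor\s+(?P<neighbor>\S+)\s+)?"
    r"family\s+evpn\s+signaling\b"
)

# Constructed sample of "show configuration | display set" output.
SAMPLE = """\
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 192.0.2.1
set protocols bgp group TRANSIT type external
set protocols bgp group TRANSIT family inet unicast
set protocols bgp group TRANSIT neighbor 2001:db8::1 family evpn signaling
set protocols bgp group OLD family evpn signaling
deactivate protocols bgp group OLD
set routing-instances DC1 protocols bgp group RR family evpn signaling
"""

def evpn_bgp_scopes(display_set_text):
    """Return sorted (instance, group, neighbor) scopes with EVPN enabled on BGP.

    "*" means the statement applies to every group or neighbor in that scope.
    """
    hits, deactivated = [], []
    for raw in display_set_text.splitlines():
        line = raw.strip()
        if line.startswith("deactivate "):
            # A deactivated hierarchy is not applied; keep its path as a prefix.
            deactivated.append("set " + line[len("deactivate "):] + " ")
            continue
        m = EVPN_RE.match(line)
        if m:
            scope = (m["ri"] or "master", m["group"] or "*", m["neighbor"] or "*")
            hits.append((line + " ", scope))
    return sorted({scope for line, scope in hits
                   if not any(line.startswith(p) for p in deactivated)})

if __name__ == "__main__":
    for instance, group, neighbor in evpn_bgp_scopes(SAMPLE):
        print(f"instance={instance} group={group} neighbor={neighbor}")
```

An empty result means no active BGP scope in that configuration enables the EVPN family, under the assumption stated above.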

Impact

Exploitation of this vulnerability leads to a crash of the routing protocol daemon (rpd) process, causing a temporary disruption in routing functions until the process restarts.

Added: Oct 9, 2025, 5:21 PM
Updated: Oct 9, 2025, 5:21 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 2.5
exploitability: 5.9
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.