CVE-2025-59962 Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash

🗓️ 09 Oct 2025 15:45:19Reported by juniperType

RPD crash DoS on Junos OS and Evolved with BGP sharding triggered by indirect next-hop updates.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-59962	8 Oct 202515:59	–	circl
CNNVD	Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 缓冲区错误漏洞	9 Oct 202500:00	–	cnnvd
CVE	CVE-2025-59962	9 Oct 202515:45	–	cve
EUVD	EUVD-2025-33398	9 Oct 202518:30	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA103151)	28 Oct 202500:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Networks Junos OS	13 Oct 202507:17	–	ncsc
NVD	CVE-2025-59962	9 Oct 202516:15	–	nvd
OSV	CVE-2025-59962	9 Oct 202516:15	–	osv
Positive Technologies	PT-2025-41404	9 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-59962	10 Oct 202516:20	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R3-S6",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S6",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R1",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "22.3R3-S3-EVO",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3-EVO",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2-EVO",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R1-EVO",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA103151

09 Oct 2025 15:45Current

CVSS 3.15.3

CVSS 46

EPSS0.00162

CWE-824