CVE-2025-21590

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10,  * 22.2 versions before 22.2R3-S6,  * 22.4 versions before 22.4R3-S6,  * 23.2 versions before 23.2R2-S3,  * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2. It has a CVSS v3.1 base score of 4.4 (MEDIUM). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.

CVE-2025-21590 has a CVSS v3.1 score of 4.4 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.

CVE-2025-21590 affects products from juniper, specifically: junos. Check the affected products table above for specific version ranges.

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.