CVE-2025-21593
MEDIUMDescription
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an attacker can send a malformed BGP UPDATE packet which will cause the rpd to crash and restart. Continued receipt of these UPDATE packets will cause a sustained DoS condition. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability.This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S3, * from 23.2 before 23.2R2-S2, * from 23.4 before 23.4R2; and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S5-EVO, * from 22.3-EVO before 22.3R3-S4-EVO, * from 22.4-EVO before 22.4R3-S3-EVO, * from 23.2-EVO before 23.2R2-S2-EVO, * from 23.4-EVO before 23.4R2-EVO.
Is your site exposed to CVE-2025-21593?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
| juniper | junos_os_evolved |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-21593? +
How severe is CVE-2025-21593? +
What products are affected by CVE-2025-21593? +
How do I check if I'm vulnerable to CVE-2025-21593? +
Related Vulnerabilities
OpenPLC Runtime v3 contains an input validation flaw in the /upload-program-action endpoint: the epoch_time field supplied during program uploads is …
Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a …
The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including …
Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality.
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource …