CVE-2025-21590 — Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

2025-03-13 • CISA Known Exploited Vulnerability

[event] Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.

> AFFECTED SOFTWARE

Field	Value
Vendor	Juniper
Product	Junos OS
CWE	CWE-653
CVE ID	CVE-2025-21590
Date Added	2025-03-13
Due Date	2025-04-03
Ransomware Campaign	Unknown

> MITIGATION

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due Date: 2025-04-03

> REFERENCES

[1] https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bullet...
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-21590