CVE-2025-21590MEDIUM 4.4CISA KEVEPSS p73.6%

CVE-2025-21590Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

Juniper / Junos OS

Description

Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.

Scoring

CVSS 3.14.4 (MEDIUM)
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS1.66% probability of exploitation · percentile 73.6% · 2026-06-18T12:00:27Z
Published2025-03-12
Last modified2025-10-24

CISA KEV entry

Added to KEV: 2025-03-13

Underlying weaknesses· 1

CWE-653

References

  1. https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
  2. https://supportportal.juniper.net/JSA93446
  3. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590

1

TypeTargetConfidenceTier
WeaknessImproper Isolation or Compartmentalizationcwe-6530%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryJuniper Junos OS Improper Isolation or Compartmentalization Vulnerabilitykev-cve-2025-215900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21902
CVE
CVE-2025-59978
CVE
CVE-2025-21589
CVE
Juniper ScreenOS Improper Authentication Vulnerability
CVE
Juniper Junos OS Path Traversal Vulnerability
CVE
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.