Juniper Junos OS Hit by Critical BGP Use-After-Free Vulnerability (CVE-2025-52946)
Introduction
Network stability is once again under threat with a critical vulnerability identified in Juniper Networks' Junos OS and Junos OS Evolved. CVE-2025-52946, a Use After Free flaw, allows attackers to crash the routing protocol daemon (rpd) through specifically malformed BGP updates, potentially causing sustained denial-of-service (DoS) conditions. Given the widespread deployment of Juniper hardware in critical infrastructure, the implications of this vulnerability are severe and demand immediate attention.
Technical Information
The vulnerability is rooted in improper memory handling within the routing protocol daemon (rpd) when processing BGP updates containing malformed AS PATH attributes. Specifically, the flaw manifests when BGP traceoptions are enabled, causing a use-after-free condition upon receipt of a maliciously crafted AS PATH attribute. This results in the rpd process crashing and restarting. Continuous exploitation leads to a sustained denial-of-service condition, severely impacting network operations.
Attack Vector and Exploitation
Successful exploitation requires:
- BGP traceoptions enabled.
- An established BGP session.
- Receipt of a specifically malformed AS PATH attribute within a BGP update.
The vulnerability does not affect systems without traceoptions enabled, limiting its scope but not its potential impact.
Patch Information
Juniper Networks has addressed CVE-2025-52946 by releasing updated versions of Junos OS and Junos OS Evolved. Administrators should upgrade immediately to:
-
Junos OS:
- Versions 21.2R3-S9 and later
- Versions 22.2R3-S6 and later
- Versions 22.4R3-S5 and later
- Versions 23.2R2-S3 and later
- Versions 23.4R2-S4 and later
- Versions 24.2R2 and later
-
Junos OS Evolved:
- Versions 22.4R3-S5-EVO and later
- Versions 23.2R2-S3-EVO and later
- Versions 23.4R2-S4-EVO and later
- Versions 24.2R2-EVO and later
Consult the official Juniper Networks security advisory for detailed instructions on obtaining and applying these updates.
Detection Methods
Detecting exploitation involves monitoring for unexpected crashes of the rpd process. Indicators of compromise include:
- Frequent rpd process crashes.
- Unexplained BGP session resets or instability.
Administrators should regularly review system logs and employ network monitoring solutions to detect anomalies indicative of exploitation attempts.
Affected Systems and Versions
-
Junos OS:
- All versions before 21.2R3-S9
- All versions of 21.4
- Versions 22.2 before 22.2R3-S6
- Versions 22.4 before 22.4R3-S5
- Versions 23.2 before 23.2R2-S3
- Versions 23.4 before 23.4R2-S4
- Versions 24.2 before 24.2R2
-
Junos OS Evolved:
- All versions before 22.4R3-S5-EVO
- Versions 23.2-EVO before 23.2R2-S3-EVO
- Versions 23.4-EVO before 23.4R2-S4-EVO
- Versions 24.2-EVO before 24.2R2-EVO
References
Stay vigilant and ensure your network infrastructure remains secure by promptly applying the recommended updates and monitoring for exploitation attempts.
Source: This report was created using AI
If you have suggestions for improvement or feedback, please reach out to us at [email protected]