CVE-2025-52954

{"id": "CVE-2025-52954", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-11T15:15:26.270", "references": [{"url": "https://supportportal.juniper.net/JSA100060", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A Missing Authorization vulnerability in the internal virtual routing and forwarding (VRF) of Juniper Networks Junos OS Evolved\u00a0allows a local, low-privileged user to gain root privileges, leading to a system compromise.\n\nAny low-privileged user with the capability to send packets over the internal VRF can execute arbitrary Junos commands and modify the configuration, and thus compromise the system.\u00a0\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 22.2R3-S7-EVO,\u00a0\n * from 22.4 before 22.4R3-S7-EVO,\u00a0\n * from 23.2 before 23.2R2-S4-EVO,\u00a0\n * from 23.4 before 23.4R2-S5-EVO,\u00a0\n * from 24.2 before\u00a024.2R2-S1-EVO\n * from 24.4 before 24.4R1-S2-EVO, 24.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de falta de autorizaci\u00f3n en el enrutamiento y reenv\u00edo virtual (VRF) interno de Juniper Networks Junos OS Evolved permite que un usuario local con pocos privilegios obtenga permisos de root, lo que compromete el sistema. Cualquier usuario con pocos privilegios capaz de enviar paquetes a trav\u00e9s del VRF interno puede ejecutar comandos arbitrarios de Junos y modificar la configuraci\u00f3n, comprometiendo as\u00ed el sistema. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 22.2R3-S7-EVO, * desde la versi\u00f3n 22.4 hasta la 22.4R3-S7-EVO, * desde la versi\u00f3n 23.2 hasta la 23.2R2-S4-EVO, * desde la versi\u00f3n 23.4 hasta la 23.4R2-S5-EVO, * desde la versi\u00f3n 24.2 hasta la 24.2R2-S1-EVO, * desde la versi\u00f3n 24.4 hasta la 24.4R1-S2-EVO, 24.4R2-EVO."}], "lastModified": "2026-01-23T19:37:01.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D30A46A8-A9FE-48FF-BC88-841493254FBB", "versionEndExcluding": "22.2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD0A8640-4448-41AB-84D1-431C56397223"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871432BA-CA86-4EAE-A602-F02AF008B682"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89CD04DA-5669-4BBF-9C77-2DC68BFB9327"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72A89D1E-9EA4-4959-9F54-84F1F99A4ADB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01980CDF-A5CE-480D-BCED-BD5E29E4DE5F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A903B31-D9E5-43FA-B09F-7E7769803720"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E779C0D4-A8F7-4976-B3C8-B9802B96E715"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "080BEA58-9667-4C2C-810D-DC1187DB67DA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B32ADA05-5F5D-45B6-BB7B-3FA6A6F229F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6526E82-A6A6-4A65-9B01-B3FCB947F44E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25DA0DD2-E974-448C-BD05-ED6FCA4725FB"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}