Which versions of Juniper are affected by CVE-2025-21590?

Organizations using An Improper should be aware of notable risk from CVE-2025-21590 rated CVSS 6.7. Exploitation could compromise the security of affected deployments.

Is CVE-2025-21590 being actively exploited?

Yes, CVE-2025-21590 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2025-21590?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Juniper CVE-2025-21590

Q: What is the CVSS score of CVE-2025-21590?

CVE-2025-21590 has a CVSS 4.0 base score of 6.7 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.9%.

MEDIUM

Improper Isolation or Compartmentalization (CWE-653)

2025-03-12 sirt@juniper.net

Privilege Escalation Juniper

6.7

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:20 vuln.today

Added to CISA KEV

Oct 24, 2025 - 16:44 cisa

CISA KEV

CVE Published

Mar 12, 2025 - 14:15 nvd

MEDIUM 6.7

DescriptionNVD

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.

A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:

All versions before 21.2R3-S9,
21.4 versions before 21.4R3-S10,
22.2 versions before 22.2R3-S6,
22.4 versions before 22.4R3-S6,
23.2 versions before 23.2R2-S3,
23.4 versions before 23.4R2-S4,
24.2 versions before 24.2R1-S2, 24.2R2.

AnalysisAI

A security vulnerability in An Improper (CVSS 6.7) that allows a local attacker with high privileges. Risk factors: actively exploited (KEV-listed).

Technical ContextAI

Vulnerability type not specified by vendor. Affects An Improper.

Affected ProductsAI

An Improper

RemediationAI

Monitor vendor channels for patch availability. This is CISA KEV-listed — federal agencies must remediate per BOD 22-01 deadlines.

More from same product – last 7 days

CVE-2026-48687 CRITICAL Act Now

9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

CVE-2025-21590 vulnerability details – vuln.today

Back

Juniper CVE-2025-21590

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

More from same product – last 7 days

Share

Juniper CVE-2025-21590

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code