CVE-2025-52983

EUVD-2025-21147 | HIGH 7.2 (CVSS 3.1) | 2025-07-11

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 16, 2026 - 08:18 (euvd), EUVD-2025-21147
Analysis Generated: Mar 16, 2026 - 08:18 (vuln.today)
CVE Published: Jul 11, 2025 - 16:15 (nvd), HIGH 7.2

Description

A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root. This issue affects Junos OS:
* all versions before 22.2R3-S7,
* 22.4 versions before 22.4R3-S5,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S3,
* 24.2 versions before 24.2R1-S2, 24.2R2.

Analysis

CVE-2025-52983 is a high-severity authentication bypass vulnerability in Juniper Networks Junos OS on VM Host Routing Engines: after the public key configured for root has been administratively removed, a user who holds the corresponding private key can still log in as root. The vulnerability is reachable over the network and affects multiple Junos OS release branches. The CVSS vector rates Privileges Required as High, and a successful login gives complete control of the device. While the CVSS score of 7.2 reflects significant impact, the practical risk depends on KEV designation and active exploitation status.

Technical Context

The vulnerability resides in the SSH authentication implementation of Juniper Networks Junos OS running on VM Host Routing Engines (RE). The root cause stems from CWE-446 (UI Discrepancy for Security Feature), which indicates a mismatch between the security policy as presented in the user interface and the actual security enforcement at the system level. Specifically, when administrators remove a public key for the root user through the management UI, the underlying authentication mechanism fails to properly invalidate or synchronize this change, allowing SSH authentication to succeed with the corresponding private key despite the public key's removal. This affects CPE entries for Juniper Junos OS across multiple version branches: pre-22.2R3-S7, 22.4 before 22.4R3-S5, 23.2 before 23.2R2-S3, 23.4 before 23.4R2-S3, and 24.2 before 24.2R1-S2/24.2R2. The vulnerability is specific to VM Host configurations, suggesting it may relate to how key material is managed in virtualized routing engine environments versus physical hardware.

Affected Products

Juniper Networks Junos OS on VM Host Routing Engines: all versions before 22.2R3-S7; 22.4 versions before 22.4R3-S5; 23.2 versions before 23.2R2-S3; 23.4 versions before 23.4R2-S3; 24.2 versions before 24.2R1-S2 and 24.2R2. Specific CPE identifiers would include cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:* with version constraints as noted above, filtered for VM Host configurations. Physical routing engines and other Juniper platforms (SRX, MX, EX series) may not be affected, though this requires verification against the vendor advisory. End-users should cross-reference their specific hardware platform and OS version against the patched versions listed.

Remediation

Upgrade to patched versions: Junos OS 22.2R3-S7 or later for 22.2 branch; 22.4R3-S5 or later for 22.4 branch; 23.2R2-S3 or later for 23.2 branch; 23.4R2-S3 or later for 23.4 branch; 24.2R1-S2, 24.2R2, or later for 24.2 branch.

Interim mitigations pending patch deployment:
(1) restrict SSH access to root user through firewall rules and management interface ACLs;
(2) rotate root private keys and regenerate public keys on affected systems;
(3) audit SSH logs for unauthorized root access attempts and successful logins;
(4) disable SSH root login if operationally feasible, using alternative authentication mechanisms for privileged access;
(5) implement network-level authentication/2FA solutions if available.

Consult Juniper Networks security advisory JSA-related documentation for exact patch filenames and deployment procedures. Verify patch applicability to VM Host configurations specifically before applying.
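The log audit in mitigation (3), as an added example (not code from vuln.today or Juniper): it flags successful root public-key logins whose key fingerprint is not in the currently configured set, which is the condition this CVE produces. It assumes log lines in the standard OpenSSH sshd syslog format; the hostnames, addresses and fingerprints are constructed sample values.

```python
import re

# Standard OpenSSH "Accepted publickey" message (assumed log format, see lead-in).
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted publickey for (?P<user>\S+) from (?P<src>\S+) "
    r"port \d+ ssh2: (?P<ktype>\S+) (?P<fp>SHA256:\S+)"
)

def audit_root_key_logins(log_lines, authorized_fingerprints, allowed_sources=()):
    """Return root public-key logins that the current configuration does not explain.

    authorized_fingerprints: SHA256 fingerprints of root keys still configured.
    An empty set models "root key removed": every such login is a finding.
    """
    findings = []
    for line in log_lines:
        m = ACCEPTED.search(line)
        if not m or m["user"] != "root":
            continue
        reasons = []
        if m["fp"] not in authorized_fingerprints:
            reasons.append("key not in current configuration")
        if allowed_sources and m["src"] not in allowed_sources:
            reasons.append("source outside management allow-list")
        if reasons:
            findings.append({"src": m["src"], "fingerprint": m["fp"],
                             "key_type": m["ktype"], "reasons": reasons})
    return findings

# Constructed sample data: fingerprints are placeholders, not real key hashes.
CURRENT_FP = "SHA256:EXAMPLEcurrentKEYfingerprint0000000000000000"
REMOVED_FP = "SHA256:EXAMPLEremovedKEYfingerprint0000000000000000"
SAMPLE_LOG = [
    f"Jul 14 09:02:11 re0 sshd[4121]: Accepted publickey for root from 192.0.2.10 port 50122 ssh2: ED25519 {CURRENT_FP}",
    f"Jul 14 09:40:37 re0 sshd[4377]: Accepted publickey for root from 198.51.100.23 port 41810 ssh2: RSA {REMOVED_FP}",
    "Jul 14 10:05:02 re0 sshd[4410]: Accepted password for admin from 192.0.2.10 port 50190 ssh2",
    f"Jul 14 10:06:45 re0 sshd[4419]: Failed publickey for root from 198.51.100.23 port 41822 ssh2: RSA {REMOVED_FP}",
]

if __name__ == "__main__":
    for f in audit_root_key_logins(SAMPLE_LOG, {CURRENT_FP}, {"192.0.2.10"}):
        print(f["src"], f["key_type"], f["fingerprint"], "; ".join(f["reasons"]))
```

Build the authorized set from the fingerprints of the keys still present in the device configuration (for example with `ssh-keygen -lf` on each public key file).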

Priority Score

36 (KEV: 0, EPSS: +0.2, CVSS: +36, POC: 0)
