What is the CVSS score of CVE-2025-52985?

CVE-2025-52985 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Junos Os Evolved are affected by CVE-2025-52985?

CVE-2025-52985 presents moderate security risk rated CVSS 5.3. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2025-52985?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Junos Os Evolved CVE-2025-52985

EUVD-2025-21145 MEDIUM

Use of Incorrect Operator (CWE-480)

2025-07-11 sirt@juniper.net

Authentication Bypass Juniper Junos Os Evolved

5.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

23.4R2-S5-EVO,24.4R1-S3-EVO,24.2R2-S1-EVO

EUVD ID Assigned

Mar 16, 2026 - 08:18 euvd

EUVD-2025-21145

Analysis Generated

Mar 16, 2026 - 08:18 vuln.today

CVE Published

Jul 11, 2025 - 16:15 nvd

MEDIUM 5.3

DescriptionNVD

A Use of Incorrect Operator

vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions.

When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with 'from prefix-list', and that prefix list contains more than 10 entries, the prefix list doesn't match and packets destined to or from the local device are not filtered.

This issue affects firewall filters applied to the re:mgmt interfaces as input and output, but only affects firewall filters applied to the lo0 interface as output. This issue is applicable to IPv4 and IPv6 as a prefix list can contain IPv4 and IPv6 prefixes. This issue affects Junos OS Evolved:

23.2R2-S3-EVO versions before 23.2R2-S4-EVO,
23.4R2-S3-EVO versions before 23.4R2-S5-EVO,
24.2R2-EVO versions before 24.2R2-S1-EVO,
24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.

This issue doesn't affect Junos OS Evolved versions before 23.2R1-EVO.

AnalysisAI

CVE-2025-52985 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

More from same product – last 7 days

CVE-2026-48687 CRITICAL Act Now

9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

CVE-2025-52985 vulnerability details – vuln.today

Back

Junos Os Evolved CVE-2025-52985

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code