CVE-2025-30650

Summary

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root.

This issue affects systems running Junos OS using Linux-based line cards. Affected line cards include:

  • MPC7, MPC8, MPC9, MPC10, MPC11

  • LC2101, LC2103

  • LC480, LC4800, LC9600

  • MX304 (built-in FPC)

  • MX-SPC3

  • SRX5K-SPC3

  • EX9200-40XS

  • FPC3-PTX-U2, FPC3-PTX-U3

  • FPC3-SFF-PTX

  • LC1101, LC1102, LC1104, LC1105

This issue affects Junos OS: 

  • all versions before 22.4R3-S8, 
  • from 23.2 before 23.2R2-S6, 
  • from 23.4 before 23.4R2-S6, 
  • from 24.2 before 24.2R2-S3, 
  • from 24.4 before 24.4R2,
  • from 25.2 before 25.2R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS0 < 22.4R3-S8affected
Juniper NetworksJunos OS23.2 < 23.2R2-S6affected
Juniper NetworksJunos OS23.4 < 23.4R2-S6affected
Juniper NetworksJunos OS24.2 < 24.2R2-S3affected
Juniper NetworksJunos OS24.4 < 24.4R2affected
Juniper NetworksJunos OS25.2 < 25.2R2affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

Workarounds

There are no known workarounds for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References