CVE-2025-30650
6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root.
This issue affects systems running Junos OS using Linux-based line cards. Affected line cards include:
MPC7, MPC8, MPC9, MPC10, MPC11
LC2101, LC2103
LC480, LC4800, LC9600
MX304 (built-in FPC)
MX-SPC3
SRX5K-SPC3
EX9200-40XS
FPC3-PTX-U2, FPC3-PTX-U3
FPC3-SFF-PTX
LC1101, LC1102, LC1104, LC1105
This issue affects Junos OS:
- all versions before 22.4R3-S8,
- from 23.2 before 23.2R2-S6,
- from 23.4 before 23.4R2-S6,
- from 24.2 before 24.2R2-S3,
- from 24.4 before 24.4R2,
- from 25.2 before 25.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 0 < 22.4R3-S8 | affected |
| Juniper Networks | Junos OS | 23.2 < 23.2R2-S6 | affected |
| Juniper Networks | Junos OS | 23.4 < 23.4R2-S6 | affected |
| Juniper Networks | Junos OS | 24.2 < 24.2R2-S3 | affected |
| Juniper Networks | Junos OS | 24.4 < 24.4R2 | affected |
| Juniper Networks | Junos OS | 25.2 < 25.2R2 | affected |
Weaknesses
- CWE-306: CWE-306 Missing Authentication for Critical Function
Workarounds
There are no known workarounds for this issue.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/orangecertcc/security-research/security/advisories/GHSA-fwhc-gh5m-v8fq
- https://kb.juniper.net/JSA107863
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.