
Juniper Networks has disclosed a new vulnerability (CVE-2025-52953) affecting Junos OS and Junos OS Evolved, which allows an unauthenticated adjacent attacker to send a valid BGP UPDATE packet that resets live BGP sessions, leading to a sustained denial of service (DoS) condition.
The issue resides in the routing protocol daemon (rpd) and impacts both iBGP and eBGP in IPv4 and IPv6 environments. Crucially, your network is only vulnerable if it’s configured to support the inet6-vpn unicast address family. This includes any of the following minimal configurations:
[protocols bgp group <group-name> neighbor <peer-ip-address> family inet6-vpn unicast]
[protocols bgp group <group-name> family inet6-vpn unicast]
[protocols bgp family inet6-vpn unicast]
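To check an exported configuration for the three statements listed above, the following added example (not Juniper's or FastNetMon's code) scans `show configuration | display set` output and ignores statements that sit under a `deactivate` path. The sample configuration, group names and addresses are constructed, and names are assumed to contain no spaces.

```python
import re

# The three hierarchy levels from the advisory, in "display set" form, optionally
# nested under logical-systems / routing-instances / groups (keyword + name pairs).
PATTERN = re.compile(
    r"^(?P<scope>(?:\S+ \S+ )*?)protocols bgp "
    r"(?:group (?P<group>\S+) (?:neighbor (?P<neighbor>\S+) )?)?"
    r"family inet6-vpn unicast(?: |$)"
)

# Constructed sample, not taken from a real device.
SAMPLE = """\
set protocols bgp group IBGP type internal
set protocols bgp group IBGP family inet-vpn unicast
set protocols bgp group IBGP family inet6-vpn unicast
set protocols bgp group IBGP neighbor 192.0.2.2
set protocols bgp group LAB neighbor 198.51.100.9 family inet6-vpn unicast
deactivate protocols bgp group LAB
set protocols bgp group EBGP family inet6 unicast
set logical-systems LS1 protocols bgp family inet6-vpn unicast prefix-limit maximum 1000
"""

def find_inet6_vpn_unicast(display_set_text):
    """Return one dict per active statement that enables inet6-vpn unicast."""
    sets, deactivated = [], []
    for raw in display_set_text.splitlines():
        line = raw.strip()
        if line.startswith("set "):
            sets.append(line[len("set "):])
        elif line.startswith("deactivate "):
            deactivated.append(line[len("deactivate "):])
    findings = []
    for path in sets:
        m = PATTERN.match(path)
        if not m:
            continue
        # Skip statements that are inactive themselves or sit under an inactive parent.
        if any(path == d or path.startswith(d + " ") for d in deactivated):
            continue
        level = "neighbor" if m["neighbor"] else "group" if m["group"] else "global"
        findings.append({"level": level, "scope": m["scope"].strip(),
                         "group": m["group"], "neighbor": m["neighbor"]})
    return findings

if __name__ == "__main__":
    for f in find_inet6_vpn_unicast(SAMPLE):
        print("inet6-vpn unicast enabled:", f)
```

An empty result means none of the three statements is active in that export; any finding means the device should be checked against the fixed releases listed below.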
Affected Versions
All Junos OS and Junos OS Evolved versions prior to the following fixed releases are impacted:
- Junos OS:
  - 21.2R3-S9, 21.4R3-S11, 22.2R3-S7, 22.4R3-S7
  - 23.2R2-S4, 23.4R2-S4, 24.2R2, 24.4R1-S3, 24.4R2
  - 25.2R1 and later
- Junos OS Evolved:
  - 22.2R3-S7-EVO, 22.4R3-S7-EVO, 23.2R2-S4-EVO
  - 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO
  - 25.2R1-EVO and later
Severity
- CVSS v3.1 Score: 6.5 (Medium)
- CVSS v4.0 Score: 7.1 (High)
- No workarounds are currently available.
- No known active exploitation in the wild.
Juniper discovered the issue during routine production use and is tracking it under bug ID 1855477.
Recommended actions:
If you’re running Junos OS or Junos OS Evolved with IPv6 VPN unicast address families in BGP, prioritize patching immediately. These kinds of session-reset vulnerabilities can lead to traffic blackholing, network instability, and outages—especially in service provider and data center environments.
Monitoring BGP session stability and unexpected resets is critical. FastNetMon users can use real-time BGP anomaly detection to catch disruptions like these early.
About FastNetMon
FastNetMon is a leading solution for network security, offering advanced DDoS detection and mitigation. With real-time analytics and rapid response capabilities, FastNetMon helps organisations protect their infrastructure from evolving cyber threats.
For more information, visit https://fastnetmon.com