CVE-2025-59959
An Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service (DoS). When the command 'show route < ( receive-protocol | advertising-protocol ) bgp > detail' is executed, and at least one of the routes in the intended output has specific attributes, this will cause an rpd crash and restart. 'show route ... extensive' is not affected. This issue affects: Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S5, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2; Junos OS Evolved: * all versions before 22.4R3-S8-EVO, * 23.2 versions before 23.2R2-S5-EVO, * 23.4 versions before 23.4R2-S6-EVO, * 24.2 versions before 24.2R2-S2-EVO, * 24.4 versions before 24.4R2-EVO.
EPSS 0.01% · 0.7th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper Networks | Junos OS | 23.2, 0, 24.4 |
| Juniper Networks | Junos OS Evolved | 0, 23.2, 23.4 |
| juniper | junos_os_evolved | 24.2, 22.4, 22.4 |
| juniper | junos | 22.4, 22.4, 22.4 |
Exploit Intelligence
Timeline
- Jan 15, 2026 CVE Published
- Jan 16, 2026 EPSS Score
- Jan 16, 2026 CVE Updated
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 25, 2026 EPSS Score
- Jan 28, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score
- Feb 5, 2026 EPSS Score
- Feb 8, 2026 EPSS Score
- Feb 11, 2026 EPSS Score
References
- https://supportportal.juniper.net/ vendor-advisory
- https://kb.juniper.net/JSA103148 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-59959 advisory
- https://supportportal.juniper.net url