CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Apr 3, 2025
Description
Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.
EPSS — Exploit Probability
0.9%
Higher than 75.2% of all CVEs
Required Action
https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2025-21590
Risk Assessment
ELEVATEDIn CISA KEV
Details
- Severity
- High
- EPSS
- 0.9%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
Mar 13, 2025
Added to KEV
Mar 13, 2025
Remediation Due
Apr 3, 2025