CVE-2025-52989

MEDIUM

5.1

Description

An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify the system configuration. A user with limited configuration and commit permissions, using a specifically crafted annotate configuration command, can change any part of the device configuration. This issue affects: Junos OS: * all versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S7, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2-S1, * 24.4 versions before 24.4R1-S2, 24.4R2; Junos OS Evolved: * all versions before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S4-EVO, * 23.4-EVO versions before 23.4R2-S5-EVO, * 24.2-EVO versions before 24.2R2-S1-EVO * 24.4-EVO versions before 24.4R2-EVO.

CVE Details

CVSS v3.1 Score5.1

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredHIGH

User InteractionNONE

Published7/11/2025

Last Modified1/23/2026

Sourcenvd

Honeypot Sightings0

Affected Products

juniper:junosjuniper:junos_os_evolved

Weaknesses (CWE)

CWE-140

References

https://supportportal.juniper.net/JSA100096(sirt@juniper.net)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.