Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices.
The security flaw (tracked as CVE-2025-21589) was discovered during internal product security testing, and it also affects Session Smart Conductor and WAN Assurance Managed Routers.
“An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based attacker to bypass authentication and take administrative control of the device,” the American networking infrastructure company said in an out-of-cycle security advisory released last week.
According to Juniper’s Security Incident Response Team (SIRT), the company has yet to find evidence that the vulnerability has been exploited in attacks.
Juniper has fixed the vulnerability in SSR-5.6.17, SSR-6.1.12-lts, SSR-6.2.8-lts, SSR-6.3.3-r2, and subsequent releases. While the company says that some devices connected to the Mist Cloud have already been patched, admins are advised to upgrade all affected systems to one of these patched software versions.
“In a Conductor-managed deployment, it is sufficient to upgrade only the Conductor nodes and the fix will be applied automatically to all connected routers. As practical, the routers should still be upgraded to a fixed version, however they will not be vulnerable once they connect to an upgraded Conductor,” Juniper said.
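The two paragraphs above are what an administrator actually has to act on: compare each SSR's running version against the fixed releases on its release train, and note which routers are already covered by an upgraded Conductor but still owe an upgrade. The script below is an added triage example, not Juniper tooling and not from the advisory. It assumes (neither is stated on the page) that version strings look like "SSR-6.2.7-lts" or "6.3.3-r2", where "-lts" carries no ordering weight and "-rN" is a respin that sorts above the bare release, and that a release train is identified by major.minor. Trains with no fixed release named on the page (anything older than 5.6, or 6.0.x) are reported as UNKNOWN rather than guessed at. The inventory is constructed for the example.

```python
"""Classify Juniper SSR versions against the CVE-2025-21589 fixed releases.

Added example, not Juniper's own code. Assumptions are marked ASSUMPTION.
"""
import re
from typing import Dict, List, Tuple

# Fixed releases as named in the advisory excerpt; later releases are also fixed.
FIXED_RELEASES = ["SSR-5.6.17", "SSR-6.1.12-lts", "SSR-6.2.8-lts", "SSR-6.3.3-r2"]

# ASSUMPTION: "SSR-" prefix optional, "-lts" ignorable, "-rN" is a respin number.
_VERSION_RE = re.compile(
    r"^(?:SSR-)?(\d+)\.(\d+)\.(\d+)(?:-(?:lts|r(\d+)))*$", re.IGNORECASE
)

Version = Tuple[int, int, int, int]  # (major, minor, patch, respin)


def parse_version(text: str) -> Version:
    """Parse an SSR version string; respin is 0 when there is no -rN suffix."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised SSR version string: {text!r}")
    major, minor, patch, respin = m.groups()
    return int(major), int(minor), int(patch), int(respin or 0)


def _train(v: Version) -> Tuple[int, int]:
    # ASSUMPTION: a release train is identified by major.minor (5.6, 6.1, ...).
    return v[0], v[1]


FIXED_BY_TRAIN: Dict[Tuple[int, int], Version] = {
    _train(parse_version(f)): parse_version(f) for f in FIXED_RELEASES
}
NEWEST_FIXED_TRAIN = max(FIXED_BY_TRAIN)  # (6, 3)


def classify(version: str) -> str:
    """Return FIXED, VULNERABLE or UNKNOWN for one running version."""
    v = parse_version(version)
    train = _train(v)
    if train in FIXED_BY_TRAIN:
        # Tuple comparison: 6.3.3 (respin 0) sorts below the fixed 6.3.3-r2.
        return "FIXED" if v >= FIXED_BY_TRAIN[train] else "VULNERABLE"
    if train > NEWEST_FIXED_TRAIN:
        return "FIXED"  # "and subsequent releases"
    # No fixed release named for this train on the page: do not guess.
    return "UNKNOWN"


def triage(inventory: List[Tuple[str, str, bool]]) -> Dict[str, List[str]]:
    """Group hosts by patch status.

    Each entry is (hostname, version, conductor_upgraded). A vulnerable router
    behind an upgraded Conductor is MITIGATED per the advisory text, but the
    upgrade is still owed, so it is listed separately rather than as FIXED.
    """
    report: Dict[str, List[str]] = {
        "VULNERABLE": [], "MITIGATED": [], "FIXED": [], "UNKNOWN": [], "UNPARSEABLE": []
    }
    for host, version, conductor_upgraded in inventory:
        try:
            status = classify(version)
        except ValueError:
            report["UNPARSEABLE"].append(host)
            continue
        if status == "VULNERABLE" and conductor_upgraded:
            status = "MITIGATED"
        report[status].append(host)
    return report


# Constructed sample inventory for the example (hostname, version, conductor_upgraded).
SAMPLE_INVENTORY = [
    ("ssr-branch-01", "SSR-6.2.7-lts", False),
    ("ssr-branch-02", "SSR-6.2.8-lts", False),
    ("ssr-dc-01", "6.3.3-r1", True),
    ("ssr-dc-02", "SSR-6.3.3-r2", False),
    ("ssr-lab-01", "SSR-5.5.3", False),
    ("ssr-lab-02", "not-a-version", False),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:<12} {', '.join(hosts) or '-'}")
```

Feed it the version strings from your own inventory (for example from the Conductor or Mist export) and upgrade everything in VULNERABLE first, then MITIGATED; treat UNKNOWN entries as a prompt to check the full advisory, not as safe.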
Frequently targeted in attacks
Juniper devices are commonly targeted in attacks due to their use in critical environments, often within less than a week after the vendor releases security updates.
For instance, in June last year, Juniper released emergency updates to address another SSR authentication bypass (tracked as CVE-2024-2973) that could be exploited to take full control of unpatched devices.
In August, the Shadowserver threat monitoring service warned of threat actors using a watchTowr Labs proof-of-concept (PoC) exploit for a remote code execution exploit chain to attack Juniper EX switches and SRX firewalls.
One month later, VulnCheck found thousands of Juniper devices still vulnerable to attacks using the same exploit chain.
More recently, in December, Juniper also warned customers of attackers scanning the Internet for Session Smart routers using default credentials and infecting them with Mirai malware.