CVE-2025-52988: Junos OS CLI Command Injection Privilege Escalation to Root

Key Information Vulnerability Overview CVE ID: CVE-2025-52988 Title: 2025-07 Security Bulletin: Junos OS and Junos OS Evolved: Privilege escalation to root via CLI command 'request system logout' Severity: Medium CVSS Score: - v3.1: 6.7 - v4.0: 8.4 Affected Products Junos OS: - All versions prior to 21.2R3-S6 - 21.4 versions prior to 21.4R3-S8 - 22.2 versions prior to 22.2R3-S6 - 22.3 versions prior to 22.3R3-S3 - 22.4 versions prior to 22.4R3-S6 - 23.2 versions prior to 23.2R2-S1 - 23.4 versions prior to 23.4R1-S2, 23.4R2 Junos OS Evolved: - All versions prior to 22.4R3-S6-EVO - 23.2-EVO versions prior to 23.2R2-S1-EVO - 23.4-EVO versions prior to 23.4R1-S2-EVO, 23.4R2-EVO Issue Description Vulnerability Type: OS Command Injection Impact: A high-privileged local attacker can escalate privileges to root by executing the CLI command ' ', thereby gaining full control over the device. Resolution Fixed Versions: - Junos OS Evolved: 22.4R3-S6-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and later versions - Junos OS: 21.2R3-S9, 21.4R3-S8, 22.2R3-S6, 22.3R3-S3, 22.4R3-S6, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1 and later versions Mitigation Restrict CLI access using access control lists or firewall filters to only trusted hosts and administrators. Disable execution of the ' ' command via CLI authorization. Additional Information Tracking ID: 1794613 Discovery Method: External Security Research Acknowledgement: Reported by the National Security Agency

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-52988: Junos OS CLI Command Injection Privilege Escalation to Root