1. 主頁
  2. 保安警報
  3. 保安警報 (A25-10-10)

保安警報 (A25-10-10): Juniper Networks 產品多個漏洞


 

發布日期: 2025年 10月 13日

分享到 Facebook    分享到 X   

描述:

Juniper Networks 發布了安全公告,以應對 Junos OS 及 Junos OS Evolved 的多個漏洞。有關漏洞的詳細資料,請參閱供應商網站的相應安全公告。

 

受影響的系統:

  • Juniper Networks Junos OS
  • Juniper Networks Junos OS Evolved

有關受影響系統的詳細資料,請參閱供應商網站的相應安全公告。

 

影響:

成功利用漏洞可以導致受影響的系統發生遠端執行程式碼、權限提升、泄漏資訊、服務被拒絕或繞過保安限制。

 

建議:

適用於受影響系統的修補程式已可獲取。受影響系統的系統管理員應遵從產品供應商的建議,立即採取行動以降低風險。

 

進一步資訊:

  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960
  • https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980
  • https://www.hkcert.org/tc/security-bulletin/juniper-junos-os-multiple-vulnerabilities_20251010
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52960 (to CVE-2025-52961)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59957 (to CVE-2025-59958)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59962
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59964
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59967
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59980
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60004
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60006
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60010


標籤 : Juniper , Junos OS
標籤