Juniper Networks has introduced patches for practically 220 vulnerabilities in Junos OS, Junos Area, and Safety Director, together with 9 critical-severity flaws affecting Junos Area.
Greater than 200 safety defects had been resolved in Junos Area and Junos Area Safety Director, Juniper’s October 2025 safety advisories, revealed as a part of the corporate’s predefined quarterly schedule, reveal.
Junos Area model 24.1R4 was rolled out with fixes for twenty-four cross-site scripting (XSS) points, together with a critical-severity bug (CVE-2025-59978, CVSS rating of 9.0) that might enable attackers to retailer script tags in textual content pages and execute instructions on a customer’s system with administrative privileges.
Junos Area 24.1R4 Patch V1 was launched with fixes for 162 distinctive CVEs, together with 9 critical-severity flaws: CVE-2019-12900, CVE-2023-38408, CVE-2024-3596, CVE-2024-27280, CVE-2024-35845, CVE-2024-47538, CVE-2024-47607, and CVE-2024-47615.
Juniper additionally resolved a high-severity denial-of-service (DoS) vulnerability and medium-severity arbitrary file obtain and HTTP parameter air pollution bugs in Junos Area.
Moreover, the corporate introduced fixes for 3 high-severity and 15 medium-severity Junos Area Safety Director flaws, and for a high-severity bug in Safety Director Coverage Enforcer.
Junos OS and Junos OS Advanced updates resolved two high-severity DoS safety defects, in addition to medium-severity points that might enable attackers to entry delicate info, get hold of read-write entry to information, trigger DoS circumstances, elevate privileges and/or execute unauthorized instructions, create a backdoor, or bypass a required password change.
Juniper says it’s not conscious of any of those vulnerabilities being exploited within the wild, however customers are suggested to use the patches as quickly as doable, as there are not any workarounds for many of those points.Commercial. Scroll to proceed studying.
Extra info on the resolved vulnerabilities may be discovered on Juniper’s help portal.
Associated: Vulnerabilities Patched by Juniper, VMware and Zoom
Associated: Juniper Networks Patches Dozens of Junos Vulnerabilities
Associated: Unauthenticated RCE Flaw Patched in DrayTek Routers
Associated: Important Vulnerability Places 60,000 Redis Servers at Danger of Exploitation
