Summary: Juniper Networks has issued emergency security updates to address a vulnerability (CVE-2025-21590) in Junos OS that has been exploited by Chinese hackers to create backdoors in routers. This medium severity flaw allows local attackers to execute arbitrary code, compromising device integrity. Affected customers are advised to upgrade their systems promptly and restrict shell access to mitigate risks.
Affected: Juniper Networks devices including NFX-Series, Virtual SRX, SRX-Series, EX-Series, QFX-Series, ACX, and MX-Series
Keypoints :
- Vulnerability CVE-2025-21590 enables high-privileged local attackers to execute arbitrary code on affected routers.
- CISA has mandated federal agencies to secure vulnerable Juniper devices by April 3rd, due to the ongoing exploitation by malicious actors.
- Chinese espionage group UNC3886 has been attributed to deploying custom backdoors on Juniper routers since 2024.