How severe is CVE-2025-21590?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2025-21590?

This is classified as CWE-653, which is a common weakness in software security.

CVE-2025-21590 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.

Related Vulnerabilities

CVE-2024-49373

MEDIUM

CVSS:4.3(Medium)

No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. ...

CWE-6532024

CVE-2023-1636

MEDIUM

CVSS:5.0(Medium)

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, US...

CWE-6532023

CVE-2025-26393

MEDIUM

CVSS:5.4(Medium)

SolarWinds Service Desk is affected by a broken access control vulnerability. The issue allows authenticated users to escalate privileges, leading to unauthorized data manipulation.

CWE-6532025

CVE-2023-29580

MEDIUM

CVSS:5.5(Medium)

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.

CWE-6532023

CVE-2024-0137

MEDIUM

CVSS:5.5(Medium)

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability...

CWE-6532024

CVE-2024-35425

MEDIUM

CVSS:5.5(Medium)

vmir e8117 was discovered to contain a segmentation violation via the function_prepare_parse function at /src/vmir_function.c.

CWE-6532024