Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2025-52985

Use of Incorrect Operator

Published: Jul 11, 2025 | Modified: Jul 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2025-52985
CWEhttps://cwe.mitre.org/data/definitions/480.html

A Use of Incorrect Operator

vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions.

When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with from prefix-list, and that prefix list contains more than 10 entries, the prefix list doesnt match and packets destined to or from the local device are not filtered.

This issue affects firewall filters applied to the re:mgmt interfaces as input and output, but only affects firewall filters applied to the lo0 interface as output. This issue is applicable to IPv4 and IPv6 as a prefix list can contain IPv4 and IPv6 prefixes. This issue affects Junos OS Evolved:

  • 23.2R2-S3-EVO versions before 23.2R2-S4-EVO,
  • 23.4R2-S3-EVO versions before 23.4R2-S5-EVO,
  • 24.2R2-EVO versions before 24.2R2-S1-EVO,
  • 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.

This issue doesnt not affect Junos OS Evolved versions before 23.2R1-EVO.

Weakness

The product accidentally uses the wrong operator, which changes the logic in security-relevant ways.

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use