HOMEVULNERABILITIESCVE-2025-60010
MEDIUM

CVE-2025-60010

CWE-262Published: October 9, 2025· Updated: Jun 17, 2026

5.4
CVSS v3.1

Official Description

A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change.

Affected devices allow logins by users for whom the RADIUS server has responded with a reject and required the user to change the password as their password was expired. Therefore the policy mandating the password change is not enforced.

This does not allow users to login with a wrong password, but only with the correct but expired one.

This issue affects:

Junos OS: 

* all versions before 22.4R3-S8,

* 23.2 versions before 23.2R2-S4,

* 23.4 versions before 23.4R2-S5,

* 24.2 versions before 24.2R2-S1,

* 24.4 versions before 24.4R1-S3, 24.4R2;

Junos OS Evolved:

* all versions before 22.4R3-S8-EVO,

* 23.2 versions before 23.2R2-S4-EVO,

* 23.4 versions before 23.4R2-S5-EVO,

* 24.2 versions before 24.2R2-S1-EVO,

* 24.4 versions before 24.4R1-S3-EVO, 24.4R2-EVO.

NVD Source

Technical Analysis

CVE-2025-60010 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.

Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorNetwork
Attack ComplexityLow
Privileges Req.Low
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityLow
IntegrityLow
AvailabilityNone
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Vendors & Products

Juniper Networks2 product(s)
junosjunos os evolved
Source: NVD CPE · 12 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (1)

Quick Facts

CVE IDCVE-2025-60010
CVSS Score5.4 / 10
SeverityMEDIUM
WeaknessCWE-262
CISA KEVNo
Affected1 vendor(s)
PublishedOct 9, 2025

Related CVEs (CWE-262)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2025-60010 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.