1. Home
  2. CVE Database
  3. CVE-2025-30661
HIGH · 7.3

CVE-2025-30661

An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed...

Vulnerability Description

An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed as root, leading to privilege escalation. A local user with access to the local file system can copy a script to the router in a way that will be executed as root, as the system boots. Execution of the script as root can lead to privilege escalation, potentially providing the adversary complete control of the system. This issue only affects specific line cards, such as the MPC10, MPC11, LC4800, LC9600, MX304-LMIC16, SRX4700, and EX9200-15C. This issue affects Junos OS: * from 23.2 before 23.2R2-S4,  * from 23.4 before 23.4R2-S5,  * from 24.2 before 24.2R2-S1,  * from 24.4 before 24.4R1-S3, 24.4R2. This issue does not affect versions prior to 23.1R2.

CVSS Score

7.3

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos23.2
JuniperEx9200-15C-
JuniperLc4800-
JuniperLc9600-
JuniperMpc10E-10C-
JuniperMpc10E-15C-
JuniperMpc11-
JuniperMx304-Lmic16-
JuniperSrx4700-

Related Weaknesses (CWE)

CWE-732

References

FAQ

What is CVE-2025-30661?

CVE-2025-30661 is a vulnerability with a CVSS score of 7.3 (HIGH). An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed...

How severe is CVE-2025-30661?

CVE-2025-30661 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-30661?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex9200-15C, Juniper Lc4800, Juniper Lc9600, Juniper Mpc10E-10C.