This vulnerability is an improper input validation flaw that permits an unauthenticated adjacent attacker to send a specific genuine BGP packet into an established BGP session. The packet causes the router to reset that session, disrupting the exchange of routing information and resulting in a denial of service for all routes learned over the affected link. When the attacker repeats the injection, the outage can be sustained until the session is reestablished or the device is rebooted.

Juniper Networks Junos OS and Junos OS Evolved are impacted. For Junos OS the flaw exists in all releases prior to 25.2R2; the 25.2R2, 25.4R1, and all newer releases contain the fix. For Junos OS Evolved, the issue exists in all releases prior to 25.2R2-EVO; the 25.2R2-EVO, 25.4R1-EVO, and all later releases resolve the vulnerability. Both eBGP and iBGP sessions over IPv4 and IPv6 are affected; versions earlier than 25.2R1 (Junos OS) or 25.2R1-EVO (Junos OS Evolved) are not affected.

The CVSS score of 7.1 reflects moderate to high severity. Because the exploit requires only access to a pre‑established BGP session and no authentication, the threat is realistic for attackers who can become an adjacent BGP neighbor on the network. No exploit probability metric is available and the vulnerability is not listed in the CISA KEV catalog, but the lack of a workaround and the potential for widespread service interruption make the risk significant. Attackers can trigger repeated BGP resets to sustain a denial of service, compromising network reliability.