SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV

CVE-2025-21590 is a vulnerability affecting Juniper Routers with a CVSS score of 6.7.  The flaw is found in Juniper routers running end-of-life hardware and software.  As described by Mandiant in a blog post, the threat actor known as UNC3886 was seen targeting Juniper Routers.

On March 13, 2025, this vulnerability was added to CISA’s list of Known Exploited Vulnerabilities (CISA-KEV).

• Severity Medium
• Impact Medium impact (Disrupted operations, potential for material loss)
• Action: Immediate investigation: Implement Patch or update

Since deployment of improved detection, we have already seen 2730 vulnerable devices, and SecurityScorecard’s Attack Surface Intelligence has found 26,395 IPs that are potentially vulnerable to this CVE.