Juniper Networks has issued security updates to address a critical vulnerability affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. The vulnerability could allow attackers to gain control of vulnerable devices.
The vulnerability is identified as CVE-2025-21589 and has been assigned a CVSS v3.1 score of 9.8 and a CVSS v4 score of 9.3.
According to a recent Juniper Networks advisory, “an Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based attacker to bypass authentication and take administrative control of the device.”
The following products and versions are affected by this vulnerability:
- Session Smart Router: Versions from 5.6.7 before 5.6.17, 6.0.8, 6.1 before 6.1.12-lts, 6.2 before 6.2.8-lts, and 6.3 before 6.3.3-r2
- Session Smart Conductor: Versions from 5.6.7 before 5.6.17, 6.0.8, 6.1 before 6.1.12-lts, 6.2 before 6.2.8-lts, and 6.3 before 6.3.3-r2
- WAN Assurance Managed Routers: Versions from 5.6.7 before 5.6.17, 6.0.8, 6.1 before 6.1.12-lts, 6.2 before 6.2.8-lts, and 6.3 before 6.3.3-r2
Juniper Networks discovered this vulnerability during internal product security testing and research. The company is not aware of any instances of malicious exploitation.
The vulnerability has been addressed in Session Smart Router versions SSR-5.6.17, SSR-6.1.12-lts, SSR-6.2.8-lts, SSR-6.3.3-r2, and later.
“This vulnerability has been patched automatically on devices that operate with WAN Assurance (where configuration is also managed) connected to the Mist Cloud,” the company stated. “However, as a precaution, it is recommended that the routers be upgraded to a version containing the fix.”