CVE-2025-59959: CWE-822 Untrusted Pointer Dereference in Juniper Networks Junos OS
CVE-2025-59959 is an Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. A local, authenticated attacker with low privileges can trigger a Denial-of-Service (DoS) by executing the command 'show route <(receive-protocol|advertising-protocol) bgp> detail' when certain route attributes are present, causing the rpd process to crash and restart. This vulnerability affects multiple versions of Junos OS and Junos OS Evolved prior to specific patched releases. The vulnerability does not impact the 'show route ... extensive' command. The CVSS score is 5.5 (medium severity), reflecting a local attack vector with low complexity and no confidentiality or integrity impact but causing availability disruption. No known exploits are currently reported in the wild. European organizations using Juniper routing infrastructure with affected Junos versions are at risk of service disruption if exploited.
AI Analysis
Technical Summary
CVE-2025-59959 is a medium-severity vulnerability classified under CWE-822 (Untrusted Pointer Dereference) affecting the routing protocol daemon (rpd) component of Juniper Networks Junos OS and Junos OS Evolved. The vulnerability arises when a local, authenticated user with low privileges executes the command 'show route <(receive-protocol|advertising-protocol) bgp> detail' and the output includes routes with specific attributes that trigger an untrusted pointer dereference in the rpd process. This causes the rpd to crash and subsequently restart, resulting in a Denial-of-Service (DoS) condition that disrupts routing services temporarily. The vulnerability affects all versions of Junos OS before 22.4R3-S8, certain 23.2, 23.4, 24.2, and 24.4 versions prior to their respective patch releases, as well as corresponding versions of Junos OS Evolved. The issue does not affect the 'show route ... extensive' command variant, indicating a specific parsing or handling flaw in the detailed route display logic. Exploitation requires local access with authentication but only low privileges, making it feasible for insiders or attackers who have gained limited access. The vulnerability does not impact confidentiality or integrity but affects availability by causing service interruptions. No public exploits have been reported, and Juniper has released patches in the specified versions to remediate the issue.
Potential Impact
For European organizations relying on Juniper Networks Junos OS or Junos OS Evolved in their network infrastructure, this vulnerability poses a risk of temporary Denial-of-Service affecting routing services. The rpd process crash and restart can lead to transient network outages, routing instability, or degraded network performance, impacting business-critical communications and services. Organizations with multi-tenant environments or those with strict uptime requirements may experience operational disruptions. Since exploitation requires local authenticated access with low privileges, the threat is higher for environments where internal threat actors or compromised user accounts exist. The lack of confidentiality or integrity impact limits data breach risks, but availability disruptions can affect service level agreements (SLAs) and incident response efforts. The vulnerability is particularly relevant for ISPs, data centers, financial institutions, and critical infrastructure operators in Europe that deploy Juniper routing equipment extensively.
Mitigation Recommendations
European organizations should prioritize patching affected Junos OS and Junos OS Evolved versions to the fixed releases: 22.4R3-S8 or later, 23.2R2-S5 or later, 23.4R2-S5 (or S6 for EVO) or later, 24.2R2-S2 or later, and 24.4R2 or later. Until patches are applied, restrict local access to network devices to trusted administrators only and enforce strict authentication and authorization controls to minimize the risk of low-privilege exploitation. Monitor and audit usage of the 'show route' commands, especially those involving BGP protocol details, to detect unusual or unauthorized command executions. Implement network segmentation and role-based access controls (RBAC) to limit the exposure of Juniper devices to potentially malicious insiders or compromised accounts. Additionally, maintain up-to-date backups and incident response plans to quickly recover from potential DoS incidents. Engage with Juniper support for any additional recommended mitigations or workarounds if immediate patching is not feasible.
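One way to implement the command auditing recommended above, as an added example that is not part of the original advisory or Juniper's tooling. It assumes the device forwards interactive CLI commands to syslog as UI_CMDLINE_READ_LINE events in the line layout shown; the sample lines are constructed, and the abbreviation matching is a deliberately loose assumption so that shortened commands are not missed.

```python
import re
from collections import Counter

# Constructed sample syslog lines (not from a real device). Junos records typed
# CLI commands as UI_CMDLINE_READ_LINE when interactive-commands logging is on.
SAMPLE_LOG = """\
Jan 15 21:30:01 edge1 mgd[4321]: UI_CMDLINE_READ_LINE: User 'noc-ro', command 'show route receive-protocol bgp 192.0.2.1 detail '
Jan 15 21:30:09 edge1 mgd[4321]: UI_CMDLINE_READ_LINE: User 'noc-ro', command 'sh rou adv bgp 198.51.100.7 det | no-more '
Jan 15 21:31:40 edge1 mgd[4400]: UI_CMDLINE_READ_LINE: User 'admin', command 'show route advertising-protocol bgp 192.0.2.1 extensive '
Jan 15 21:32:02 edge2 mgd[5102]: UI_CMDLINE_READ_LINE: User 'admin', command 'show route protocol bgp detail '
Jan 15 21:33:15 edge2 mgd[5102]: UI_CMDLINE_READ_LINE: User 'admin', command 'show bgp summary '
""".splitlines()

EVENT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s.*?"
    r"UI_CMDLINE_READ_LINE: User '(?P<user>[^']+)', command '(?P<cmd>[^']*)'"
)

def _abbr(token, keyword, min_len=2):
    """True if token is keyword or a prefix of it (assumed CLI abbreviation).
    Loose on purpose: over-matching costs a false positive, not a miss."""
    return len(token) >= min_len and keyword.startswith(token)

def is_risky(cmd):
    """Match 'show route (receive-protocol|advertising-protocol) bgp ... detail'.
    The 'extensive' variant is not affected and is not flagged."""
    words = cmd.split("|")[0].lower().split()      # ignore '| no-more' style pipes
    if len(words) < 5 or not (_abbr(words[0], "show") and _abbr(words[1], "route")):
        return False
    rest = words[2:]
    direction = any(
        (_abbr(a, "receive-protocol") or _abbr(a, "advertising-protocol"))
        and _abbr(b, "bgp")
        for a, b in zip(rest, rest[1:])
    )
    return direction and any(_abbr(t, "detail") for t in rest)

def find_hits(lines):
    """Return one dict (ts, host, user, cmd) per logged command worth reviewing."""
    events = (m.groupdict() for m in map(EVENT.match, lines) if m)
    return [e for e in events if is_risky(e["cmd"])]

def hits_per_user(hits):
    """Count flagged commands per (host, user) to spot repeated execution."""
    return Counter((h["host"], h["user"]) for h in hits)

if __name__ == "__main__":
    for (host, user), n in hits_per_user(find_hits(SAMPLE_LOG)).items():
        print(f"{host}: user {user} ran the affected command form {n} time(s)")
```

Hits that line up in time with an rpd restart on the same host are the ones to investigate first.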
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Switzerland
Technical Details
- Data Version: 5.2
- Assigner Short Name: juniper
- Date Reserved: 2025-09-23T18:19:06.954Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69695d667c726673b645f26e
Added to database: 1/15/2026, 9:34:30 PM
Last enriched: 1/15/2026, 9:34:59 PM
Last updated: 1/15/2026, 11:42:10 PM