CVE-2025-60007: CWE-476 NULL Pointer Dereference in Juniper Networks Junos OS
A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS). When a user executes the 'show chassis' command with specifically crafted options, chassisd will crash and restart. As a result, all components in the chassis except the Routing Engine (RE) are reinitialized, which leads to a complete service outage from which the system recovers automatically.
This issue affects Junos OS on MX, SRX and EX Series:
- all versions before 22.4R3-S8,
- 23.2 versions before 23.2R2-S5,
- 23.4 versions before 23.4R2-S6,
- 24.2 versions before 24.2R2-S2,
- 24.4 versions before 24.4R2.
AI Analysis
Technical Summary
CVE-2025-60007 is a NULL Pointer Dereference vulnerability classified under CWE-476 found in the chassis daemon (chassisd) component of Juniper Networks Junos OS, specifically impacting MX, SRX, and EX Series devices. The flaw arises when a local user with low privileges executes the 'show chassis' command with specially crafted options, causing the chassisd process to dereference a NULL pointer, which leads to its crash and automatic restart. This crash triggers the reinitialization of all chassis components except the Routing Engine (RE), causing a temporary but complete service outage on the device. The outage affects network availability until the system recovers. The vulnerability exists in all Junos OS versions before 22.4R3-S8, 23.2 versions before 23.2R2-S5, 23.4 versions before 23.4R2-S6, 24.2 versions before 24.2R2-S2, and 24.4 versions before 24.4R2. Exploitation requires local access with low privileges and does not require user interaction, making it moderately easy to exploit in environments where local access is possible. The CVSS v3.1 base score is 5.5, reflecting a medium severity primarily due to the impact on availability without affecting confidentiality or integrity. No known exploits have been reported in the wild, but the vulnerability poses a risk of network disruption in critical infrastructure relying on affected Juniper devices.
Potential Impact
For European organizations, this vulnerability poses a risk of temporary network outages due to the Denial-of-Service condition triggered on critical Juniper network infrastructure devices. MX, SRX, and EX Series devices are widely used in enterprise and service provider networks across Europe for routing, security, and switching functions. A successful exploit could disrupt business operations, degrade service availability, and impact dependent services such as internet connectivity, VPNs, and internal communications. Although the system recovers automatically, the outage duration and frequency could affect SLAs and operational continuity, especially in sectors like finance, telecommunications, and government where network uptime is critical. The requirement for local access limits remote exploitation but insider threats or compromised internal systems could leverage this vulnerability to cause disruption. The lack of impact on confidentiality and integrity reduces risks of data breaches but elevates concerns around network reliability and resilience.
Mitigation Recommendations
European organizations should prioritize applying the patches released by Juniper for the affected Junos OS versions, specifically upgrading to versions 22.4R3-S8 or later, 23.2R2-S5 or later, 23.4R2-S6 or later, 24.2R2-S2 or later, and 24.4R2 or later. In addition to patching, organizations should restrict local access to network devices by enforcing strict access controls, including multi-factor authentication and role-based access control to limit the ability of low-privilege users to execute potentially harmful commands. Network segmentation should be employed to isolate management interfaces and reduce the attack surface. Monitoring and alerting on unusual command executions, especially 'show chassis' with uncommon options, can help detect exploitation attempts. Regular audits of user privileges and session logs on Juniper devices will further reduce risk. Implementing robust insider threat detection and response capabilities will mitigate risks from internal actors. Finally, ensure backup configurations and failover mechanisms are tested to minimize downtime during recovery.
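An added example (not from Juniper or the original page) that applies the fixed-release list above to a device inventory, for prioritizing upgrades. It assumes releases within a train order by (R number, S number) and that the trailing spin number can be ignored; trains the page does not name and Junos OS Evolved strings are reported as unknown, and the hostnames and versions in `SAMPLE` are constructed.

```python
import re

# Fixed release per train as (R number, S number), from the advisory text on this page.
FIXED = {
    (22, 4): (3, 8),  # 22.4R3-S8
    (23, 2): (2, 5),  # 23.2R2-S5
    (23, 4): (2, 6),  # 23.4R2-S6
    (24, 2): (2, 2),  # 24.2R2-S2
    (24, 4): (2, 0),  # 24.4R2
}
TRAIN_RE = re.compile(r"^(\d+)\.(\d+)")
RELEASE_RE = re.compile(r"^\d+\.\d+R(\d+)(?:-S(\d+))?(?:\.\d+)?$")  # e.g. 23.2R2-S5.3


def classify(version: str) -> str:
    """Return 'vulnerable', 'fixed' or 'unknown' for a Junos OS version string."""
    version = version.strip()
    if version.upper().endswith("-EVO"):
        return "unknown"  # Junos OS Evolved is not covered by the text on this page
    train_match = TRAIN_RE.match(version)
    if not train_match:
        return "unknown"
    train = (int(train_match.group(1)), int(train_match.group(2)))
    if train < min(FIXED):
        return "vulnerable"  # "all versions before 22.4R3-S8"
    if train not in FIXED:
        return "unknown"  # train not named on this page; check the vendor advisory
    release = RELEASE_RE.match(version)
    if not release:
        return "unknown"  # not a standard R/S release string
    build = (int(release.group(1)), int(release.group(2) or 0))
    return "vulnerable" if build < FIXED[train] else "fixed"


def audit(inventory: dict) -> dict:
    """Map hostname -> classification for a {hostname: version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up for this example).
SAMPLE = {
    "mx-core-1": "22.4R3-S7",
    "srx-edge-1": "23.2R2-S5.3",
    "ex-access-1": "24.4R1-S3",
}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(f"{host:12} {SAMPLE[host]:14} {verdict}")
```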
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Switzerland
Technical Details
- Data Version: 5.2
- Assigner Short Name: juniper
- Date Reserved: 2025-09-23T18:19:06.961Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69694e761ab3796b105000f6
Added to database: 1/15/2026, 8:30:46 PM
Last enriched: 1/15/2026, 8:49:16 PM
Last updated: 1/15/2026, 11:06:33 PM