Juniper Networks Patches Critical Junos Space Vulnerabilities

Juniper Networks has announced patches for nearly 220 vulnerabilities in Junos OS, Junos Space, and Security Director, including nine critical-severity flaws affecting Junos Space.

More than 200 security defects were resolved in Junos Space and Junos Space Security Director, Juniper’s October 2025 security advisories, published as part of the company’s predefined quarterly schedule, reveal.

Junos Space version 24.1R4 was rolled out with fixes for 24 cross-site scripting (XSS) issues, including a critical-severity bug (CVE-2025-59978, CVSS score of 9.0) that could allow attackers to store script tags in text pages and execute commands on a visitor’s system with administrative privileges.

Junos Space 24.1R4 Patch V1 was released with fixes for 162 unique CVEs, including nine critical-severity flaws: CVE-2019-12900, CVE-2023-38408, CVE-2024-3596, CVE-2024-27280, CVE-2024-35845, CVE-2024-47538, CVE-2024-47607, and CVE-2024-47615.

Juniper also resolved a high-severity denial-of-service (DoS) vulnerability and medium-severity arbitrary file download and HTTP parameter pollution bugs in Junos Space.

Additionally, the company announced fixes for three high-severity and 15 medium-severity Junos Space Security Director flaws, and for a high-severity bug in Security Director Policy Enforcer.

Junos OS and Junos OS Evolved updates resolved two high-severity DoS security defects, as well as medium-severity issues that could allow attackers to access sensitive information, obtain read-write access to files, cause DoS conditions, elevate privileges and/or execute unauthorized commands, create a backdoor, or bypass a required password change.

Juniper says it is not aware of any of these vulnerabilities being exploited in the wild, but users are advised to apply the patches as soon as possible, as there are no workarounds for most of these issues.

Advertisement. Scroll to continue reading.

Additional information on the resolved vulnerabilities can be found on Juniper’s support portal.

What's Hot

The future of TVs is bright, but I don’t think it’s MicroLED

Plex has a brutally realistic crime drama you can binge for free, and it’s not in English

NYT Strands hints and answers for Tuesday, April 28 (game #786)

Juniper Networks Patches Critical Junos Space Vulnerabilities

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Bitwarden NPM Package Hit in Supply Chain Attack

Vulnerabilities Patched in CrowdStrike, Tenable Products

Trump Administration Vows Crackdown on Chinese Companies ‘Exploiting’ AI Models Made in US

US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor

The iPad Air brand makes no sense – it needs a rethink

ChatGPT Group Chats are here … but not for everyone (yet)

Facebook updates its algorithm to give users more control over which videos they see

Our Picks

The future of TVs is bright, but I don’t think it’s MicroLED

Plex has a brutally realistic crime drama you can binge for free, and it’s not in English

NYT Strands hints and answers for Tuesday, April 28 (game #786)

Subscribe to Updates

What's Hot

Juniper Networks Patches Critical Junos Space Vulnerabilities

Related Posts