BleepingComputer reports that Juniper Networks issued patches to resolve a medium-severity Junos OS flaw impacting several of its routers, tracked as CVE-2025-21590. The bug was disclosed by Google's Mandiant team to have been exploited by Chinese cyberespionage hacking group UNC3886 to facilitate the deployment of six different TINYSHELL-based backdoors in a 2024 attack.
"Customers are encouraged to upgrade to a fixed release as soon as it's available and in the meantime take steps to mitigate this vulnerability," said Juniper. "While the complete list of resolved platforms is under investigation, it is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only."
Juniper also noted that the security issue stemmed from inadequate isolation or compartmentalization. The flaw has also been added to the Cybersecurity and Infrastructure Security Agency's (CISAs) Known Exploited Vulnerabilities (KEV) catalog. Federal agencies were urged to remediate the bug by April 3.
