UDP: M Backdoor TINYSHELL deadbeef 1
This signature detects network activity associated with TINYSHELL-based backdoor implants. A successful attack can lead to arbitrary code execution.
Extended Description
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.
Affected Products
Juniper junos
References
CVE: CVE-2025-21590
Short Name
UDP:TINYSHELL-DEADBEEF-1
Severity
Major
Recommended
False
Recommended Action
Drop
Category
UDP
Keywords
1 Backdoor CVE-2025-21590 M TINYSHELL deadbeef
Release Date
03/13/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3791
Port
UDP/0-52,54-66,70-122,124,136,140-160,163-388,390-635,637-65535
False Positive
Unknown
Vendors
Juniper