PT-2025-15854 · Juniper Networks · Junos+1

Published

2025-04-09

·

Updated

2025-04-10

·

CVE-2025-30646

CVSS v4.0

7.1

High

VectorAV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:X
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S10 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S6 Junos OS versions from 23.2 before 23.2R2-S3 Junos OS versions from 23.4 before 23.4R2-S4 Junos OS versions from 24.2 before 24.2R2 Junos OS Evolved versions prior to 21.4R3-S10-EVO Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO Junos OS Evolved versions from 22.4-EVO before 22.4R3-S6-EVO Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO Junos OS Evolved versions from 23.4-EVO before 23.4R2-S4-EVO Junos OS Evolved versions from 24.2-EVO before 24.2R2-EVO
Description: A Signed to Unsigned Conversion Error in the Layer 2 Control Protocol daemon (l2cpd) allows an unauthenticated adjacent attacker to cause the l2cpd process to crash and restart by sending a specifically malformed LLDP TLV, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service condition. This issue is triggered when an LLDP telemetry subscription is active and a specifically malformed LLDP TLV is received.
Recommendations: For Junos OS versions prior to 21.2R3-S9, update to version 21.2R3-S9 or later. For Junos OS versions from 21.4 before 21.4R3-S10, update to version 21.4R3-S10 or later. For Junos OS versions from 22.2 before 22.2R3-S6, update to version 22.2R3-S6 or later. For Junos OS versions from 22.4 before 22.4R3-S6, update to version 22.4R3-S6 or later. For Junos OS versions from 23.2 before 23.2R2-S3, update to version 23.2R2-S3 or later. For Junos OS versions from 23.4 before 23.4R2-S4, update to version 23.4R2-S4 or later. For Junos OS versions from 24.2 before 24.2R2, update to version 24.2R2 or later. For Junos OS Evolved versions prior to 21.4R3-S10-EVO, update to version 21.4R3-S10-EVO or later. For Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO, update to version 22.2R3-S6-EVO or later. For Junos OS Evolved versions from 22.4-EVO before 22.4R3-S6-EVO, update to version 22.4R3-S6-EVO or later. For Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO, update to version 23.2R2-S3-EVO or later. For Junos OS Evolved versions from 23.4-EVO before 23.4R2-S4-EVO, update to version 23.4R2-S4-EVO or later. For Junos OS Evolved versions from 24.2-EVO before 24.2R2-EVO, update to version 24.2R2-EVO or later.

Fix

DoS

Weakness Enumeration

CWE-195

Related Identifiers

BDU:2025-04793
CVE-2025-30646

Affected Products

Junos
Junos Evolved