CVE-2025-30652

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S10 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S6 Junos OS versions from 23.2 before 23.2R2-S3 Junos OS versions from 23.4 before 23.4R2-S4 Junos OS versions from 24.2 before 24.2R2 Junos OS Evolved versions prior to 21.2R3-S9-EVO Junos OS Evolved versions from 21.4-EVO before 21.4R3-S10-EVO Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO Junos OS Evolved versions from 22.4-EVO before 22.4R3-S6-EVO Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO Junos OS Evolved versions from 23.4-EVO before 23.4R2-S4-EVO Junos OS Evolved versions from 24.2-EVO before 24.2R2-EVO

Description: An Improper Handling of Exceptional Conditions issue in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asregex-optimized is configured and a specific "show route as-path" CLI command is executed, the rpd crashes and restarts. Repeated execution of this command will cause a sustained DoS condition.

Recommendations: For Junos OS versions prior to 21.2R3-S9, update to version 21.2R3-S9 or later. For Junos OS versions from 21.4 before 21.4R3-S10, update to version 21.4R3-S10 or later. For Junos OS versions from 22.2 before 22.2R3-S6, update to version 22.2R3-S6 or later. For Junos OS versions from 22.4 before 22.4R3-S6, update to version 22.4R3-S6 or later. For Junos OS versions from 23.2 before 23.2R2-S3, update to version 23.2R2-S3 or later. For Junos OS versions from 23.4 before 23.4R2-S4, update to version 23.4R2-S4 or later. For Junos OS versions from 24.2 before 24.2R2, update to version 24.2R2 or later. For Junos OS Evolved versions prior to 21.2R3-S9-EVO, update to version 21.2R3-S9-EVO or later. For Junos OS Evolved versions from 21.4-EVO before 21.4R3-S10-EVO, update to version 21.4R3-S10-EVO or later. For Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO, update to version 22.2R3-S6-EVO or later. For Junos OS Evolved versions from 22.4-EVO before 22.4R3-S6-EVO, update to version 22.4R3-S6-EVO or later. For Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO, update to version 23.2R2-S3-EVO or later. For Junos OS Evolved versions from 23.4-EVO before 23.4R2-S4-EVO, update to version 23.4R2-S4-EVO or later. For Junos OS Evolved versions from 24.2-EVO before 24.2R2-EVO, update to version 24.2R2-EVO or later. As a temporary workaround, consider disabling the asregex-optimized configuration to prevent the rpd from crashing when the "show route as-path" CLI command is executed.