PT-2025-15866 · Juniper Networks · Junos
Published
2025-04-09
·
Updated
2025-04-10
·
CVE-2025-30659
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X |
Name of the Vulnerable Software and Affected Versions:
Junos OS versions 21.4 through 24.2R2, specifically:
Junos OS versions 21.4
Junos OS versions 22.2 before 22.2R3-S6
Junos OS versions 22.4 before 22.4R3-S6
Junos OS versions 23.2 before 23.2R2-S3
Junos OS versions 23.4 before 23.4R2-S4
Junos OS versions 24.2 before 24.2R2
Description:
An Improper Handling of Length Parameter Inconsistency issue in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet, the PFE will crash and restart.
Recommendations:
For Junos OS versions 21.4, update to a version after 21.4.
For Junos OS versions 22.2 before 22.2R3-S6, update to 22.2R3-S6 or later.
For Junos OS versions 22.4 before 22.4R3-S6, update to 22.4R3-S6 or later.
For Junos OS versions 23.2 before 23.2R2-S3, update to 23.2R2-S3 or later.
For Junos OS versions 23.4 before 23.4R2-S4, update to 23.4R2-S4 or later.
For Junos OS versions 24.2 before 24.2R2, update to 24.2R2 or later.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos