PT-2025-29250 · Juniper Networks · Junos+1

Published: 2025-07-09 · Updated: 2025-07-11 · CVE-2025-52980

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X

Name of the Vulnerable Software and Affected Versions:

Juniper Networks Junos OS versions 22.1 from 22.1R1 through 22.2R3-S4
Juniper Networks Junos OS versions 22.3 through 22.3R3-S3
Juniper Networks Junos OS versions 22.4 through 22.4R3-S2
Juniper Networks Junos OS versions 23.2 through 23.2R2
Juniper Networks Junos OS versions 23.4 through 23.4R2

Description:

A Use of Incorrect Byte Ordering vulnerability exists in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series. An unauthenticated, network-based attacker can cause a Denial-of-Service (DoS) by sending a BGP update over an established BGP session containing a specific, valid, optional, transitive path attribute, which causes rpd to crash and restart. This issue affects both eBGP and iBGP over IPv4 and IPv6.

Recommendations:

Juniper Networks Junos OS versions 22.1 from 22.1R1 through 22.2R3-S4 should be updated to version 22.2R3-S4 or later.
Juniper Networks Junos OS versions 22.3 through 22.3R3-S3 should be updated to version 22.3R3-S3 or later.
Juniper Networks Junos OS versions 22.4 through 22.4R3-S2 should be updated to version 22.4R3-S2 or later.
Juniper Networks Junos OS versions 23.2 through 23.2R2 should be updated to version 23.2R2 or later.
Juniper Networks Junos OS versions 23.4 through 23.4R2 should be updated to version 23.4R2 or later.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2026-05014
CVE-2025-52980

Affected Products

Junos
Srx300 Series