NULL Pointer Dereference in Juniper Networks Junos OS on SRX Series
CVE-2025-30645
Summary
A NULL Pointer Dereference vulnerability exists in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series devices. An attacker can crash the flowd process by crafting specific valid control traffic that is directed out of a Dual-Stack Lite tunnel, which produces a denial of service (DoS) condition within the network. The crash manifests as a segmentation fault and disrupts network operations until the flowd process is restarted. Administrators should confirm that they are running an appropriate patched version to mitigate the risk of continuous exploitation through such control traffic.
Affected Version(s)
Junos OS on SRX Series: all versions before 21.2R3-S9
Junos OS on SRX Series: 21.4 versions before 21.4R3-S9
Junos OS on SRX Series: 22.2 versions before 22.2R3-S5
Timeline
- Exploit known to exist
- Vulnerability published
- Vulnerability reserved