Denial of Service Vulnerability in Juniper Networks Junos OS and Junos OS Evolved
CVE-2025-30646

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 9 April 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-30646?

A Signed to Unsigned Conversion Error in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks products permits an unauthenticated attacker to send a specially crafted LLDP TLV. When received, this malformed packet causes l2cpd to crash and restart, leading to a denial of service condition. This situation is exacerbated when an LLDP telemetry subscription is active, resulting in repeated crashes and sustained service interruptions.

Affected Version(s)

Junos OS 0 < 21.2R3-S9

Junos OS 21.4 < 21.4R3-S10

Junos OS 22.2 < 22.2R3-S6

References

https://supportportal.juniper.net/JSA96456

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2025
Vulnerability published
Apr 9, 2025
Vulnerability Reserved
Mar 24, 2025