Memory Management Vulnerability in Junos OS on MX Series by Juniper Networks
CVE-2025-30647

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2025

Badges

👾 Exploit Exists

Summary

A memory leak vulnerability exists within the packet forwarding engine of Juniper Networks Junos OS on MX Series, enabling unauthenticated adjacent attackers to execute a Denial-of-Service attack. This issue arises during subscriber management operations, where login/logout activities trigger a continuous memory leak. As leaked memory accumulates, it eventually depletes system resources, leading to a potential crash of the device. It is crucial for organizations using affected versions to review their systems and apply the necessary patches to mitigate risks.

Affected Version(s)

Junos OS MX Series 0 < 21.2R3-S9

Junos OS MX Series 21.4 < 21.4R3-S10

Junos OS MX Series 22.2 < 22.2R3-S6

References

https://supportportal.juniper.net/JSA96457

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Apr 9, 2025
Vulnerability published
Apr 9, 2025
Vulnerability Reserved
Mar 24, 2025