Improper Input Validation in Junos OS Affects Juniper Networks Devices
CVE-2025-30649

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2025

Badges

👾 Exploit Exists

Summary

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks' Junos OS affects MX240, MX480, and MX960 devices equipped with the MX-SPC3 Security Services Card. This vulnerability allows unauthenticated, network-based attackers to generate specially crafted packets, leading to Denial of Service (DoS) conditions by overwhelming the CPU of the MX-SPC3 SPUs. Continuous processing of these malicious packets can exacerbate the DoS situation. Indicators of compromise include a significant spike in SPC3 SPUs utilization, observable through system commands that showcase CPU overload and resource usage.

Affected Version(s)

Junos OS MX240 0 < 22.2R3-S6

Junos OS MX240 22.4 < 22.4R3-S4

Junos OS MX240 23.2 < 23.2R2-S3

References

https://supportportal.juniper.net/JSA96459

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Apr 9, 2025
Vulnerability published
Apr 9, 2025
Vulnerability Reserved
Mar 24, 2025