Improper Handling of Special Elements in Junos OS by Juniper Networks
CVE-2025-30656

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2025

Badges

👾 Exploit Exists

Summary

An improper handling vulnerability in the Packet Forwarding Engine (PFE) of Junos OS allows unauthenticated network-based attackers to create a Denial-of-Service (DoS) condition. Specifically, when the SIP ALG processes specially formatted SIP invites, it can trigger memory corruption issues, leading to a crash of the FPC processing those packets. The system may automatically recover upon restarting the FPC; however, subsequent SIP invites will result in repeated crashes, resulting in sustained denial-of-service conditions. Affected versions span across various series of products, emphasizing the need for prompt updates to ensure network stability.

Affected Version(s)

Junos OS MX Series 0 < 21.2R3-S9

Junos OS MX Series 21.4 < 21.4R3-S10

Junos OS MX Series 22.2 < 22.2R3-S6

References

https://supportportal.juniper.net/JSA96466

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Apr 9, 2025
Vulnerability published
Apr 9, 2025
Vulnerability Reserved
Mar 24, 2025