Improper Exception Handling in Junos OS by Juniper Networks
CVE-2025-52948

8.2 HIGH

Key Information:

CVE Published: 11 July 2025

Badges

👾 Exploit Exists

What is CVE-2025-52948?

An improper handling of exceptional conditions vulnerability in the Berkeley Packet Filter (BPF) processing of Juniper Networks' Junos OS may allow an attacker to send specific, unknown traffic patterns that could lead to system instability. This issue is triggered by a rare timing issue within the Junos kernel when a BPF instance is cloned, which may result in critical internal structure leakage. Typically, this vulnerability manifests under certain configurations, most notably when packet capturing is enabled. In laboratory tests, specific traffic patterns have consistently demonstrated the potential to cause system crashes.

Affected Version(s)

Junos OS: all versions before 21.2R3-S9

Junos OS: 21.4 versions before 21.4R3-S10

Junos OS: 22.2 versions before 22.2R3-S6

CVSS V4

Score: 8.2
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
