Denial of Service Risk in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon
CVE-2025-52949

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 11 July 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-52949?

An Improper Handling of Length Parameter Inconsistency vulnerability has been identified within the Routing Protocol Daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved. This flaw permits a logically adjacent BGP peer to send specifically crafted malformed BGP packets, which can trigger the rpd to crash and subsequently restart. This creates a Denial of Service (DoS) condition that can persist if the malformed packets continue to be processed. The vulnerability specifically impacts systems with Ethernet Virtual Private Networking (EVPN) configurations and affects both iBGP and eBGP, impacting both IPv4 and IPv6 transmissions across various versions of the products.

Affected Version(s)

Junos OS 0 < 21.4R3-S11

Junos OS 22.2 < 22.2R3-S7

Junos OS 22.4 < 22.4R3-S7

References

https://supportportal.juniper.net/JSA100053

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jul 11, 2025
Vulnerability published
Jul 11, 2025
Vulnerability Reserved
Jun 23, 2025

Credit

Juniper SIRT would like to acknowledge and thank Craig Dods from Meta’s Infrastructure Security Engineering team for responsibly reporting this vulnerability.