CVE-2025-30649 — Improper Input Validation in Networks Junos OS

CWE-20 — Improper Input Validation4 documents4 sources

Severity

8.7HIGHNVD

EPSS

0.4%

top 39.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedApr 9

Description

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs. Continued receipt and processing of these specific packets will sustain the DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os22.4 — 22.4R3-S4+4

▶NVDjuniper/junos< 22.2+5

🔴Vulnerability Details

CVEList

Junos OS: MX240, MX480, MX960 with SPC3: An attacker sending specific packets will cause a CPU utilization DoS.↗2025-04-09

▶

GHSA

GHSA-8279-hg76-9fpw: An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-S↗2025-04-09

▶

📋Vendor Advisories

Juniper

CVE-2025-30649: An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-S↗2025-04-09

▶