CVE-2025-52952
Severity
7.1HIGH
EPSS
0.0%
top 87.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 11
Description
An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS).
Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All…
CVSS vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
Affected Packages2 packages
🔴Vulnerability Details
2CVEList▶
Junos OS: MX Series with MPC-BUILTIN, MPC 1 through MPC 9: Receipt and processing of a malformed packet causes one or more FPCs to crash↗2025-07-11
GHSA▶
GHSA-pwqr-fp7x-9xcp: An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC↗2025-07-11
📋Vendor Advisories
1Juniper▶
CVE-2025-52952: An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC↗2025-07-11