CVE-2025-52982

CWE-4044 documents4 sources
Severity
8.2HIGH
EPSS
0.1%
top 77.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJul 11

Description

An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an MX Series device with an MS-MPC is configured with two or more service sets which are both processing SIP calls, a specific sequence of call events will lead to a crash and restart of the MS-MPC. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions from

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.421.4*+3
NVDjuniper/junos< 21.2+3

🔴Vulnerability Details

2
CVEList
Junos OS: MX Series: When specific SIP packets are processed the MS-MPC will crash2025-07-11
GHSA
GHSA-9x9c-4rh9-688v: An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated,2025-07-11

📋Vendor Advisories

1
Juniper
CVE-2025-52982: An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated,2025-07-11
CVE-2025-52982 (HIGH CVSS 8.2) | An Improper Resource Shutdown or Re | cvebase.io