Juniper Junos vulnerabilities

749 known vulnerabilities affecting juniper/junos.

Total CVEs: 749
CISA KEV: 7 (actively exploited)
Public exploits: 10
Exploited in wild: 7
Severity breakdown: CRITICAL 42, HIGH 390, MEDIUM 315, LOW 2

Vulnerabilities

Page 4 of 38
CVE-2025-30649 | HIGH | CVSS 8.7 | fixed in 22.2 | v22.2 +4 more | 2025-04-09
CWE-20: An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs. Continued receipt and processing
nvd
CVE-2025-30660 | HIGH | CVSS 8.7 | fixed in 21.2 | v21.2 +5 more | 2025-04-09
CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traff
nvd
CVE-2025-30656 | HIGH | CVSS 8.7 | fixed in 21.2 | v21.2 +6 more | 2025-04-09
CWE-167: An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If the SIP ALG processes specifically formatted SIP invites, a memory corru
nvd
CVE-2025-21597 | MEDIUM | CVSS 6.0 | fixed in 20.4 | v20.4 +7 more | 2025-04-09
CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when BGP rib-sharding and update-threading are configured, a
nvd
CVE-2025-30653 | MEDIUM | CVSS 6.0 | fixed in 22.2 | v22.2 +3 more | 2025-04-09
CWE-825: An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-clas
nvd
CVE-2025-30654 | MEDIUM | CVSS 6.8 | fixed in 21.4 | v21.4 +4 more | 2025-04-09
CWE-200: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information. Through the execution of a specific show mgd command, a user with limited permissions
nvd
CVE-2025-30655 | MEDIUM | CVSS 6.8 | fixed in 21.2 | v21.2 +5 more | 2025-04-09
CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash a
nvd
CVE-2025-30657 | MEDIUM | CVSS 6.9 | fixed in 21.2 | v21.2 +4 more | 2025-04-09
CWE-116: An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing
nvd
CVE-2025-30652 | MEDIUM | CVSS 6.8 | fixed in 21.2 | v21.2 +6 more | 2025-04-09
CWE-755: An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asregex-optimized is configured and a specific "show route as-path" CLI command is executed, the rpd
nvd
CVE-2025-21590 | MEDIUM | CVSS 6.7 | KEV | ≤ 21.2 | v21.2 +6 more | 2025-03-12
CWE-653: An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos
nvd
CVE-2024-39564 | HIGH | CVSS 8.7 | fixed in 21.2 | v21.2 +6 more | 2025-02-05
This is a similar, but different vulnerability than the issue reported as CVE-2024-39549. A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is ca
nvd
CVE-2025-21598 | HIGH | CVSS 8.2 | v21.2, v21.4 +6 more | 2025-01-09
CWE-125: An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS: * from 21.2R3-S8 before 21.2R3-S9, * from 2
nvd
CVE-2025-21602 | HIGH | CVSS 7.1 | v21.2, v21.4 +6 more | 2025-01-09
CWE-755: An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a specific BGP update packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet
nvd
CVE-2025-21593 | HIGH | CVSS 7.1 | fixed in 21.2 | v21.2 +6 more | 2025-01-09
CWE-664: An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an attacker can send a malformed BGP UPDATE packet whi
nvd
CVE-2025-21600 | HIGH | CVSS 7.1 | v21.4, v22.2 +5 more | 2025-01-09
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a
nvd
CVE-2025-21592 | MEDIUM | CVSS 6.8 | fixed in 21.4 | v21.4 +5 more | 2025-01-09
CWE-200: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of sensitive files on the file system. Through the execution of either 'show services advanced-anti-m
nvd
CVE-2025-21596 | MEDIUM | CVSS 6.8 | fixed in 21.4 | v21.4 +5 more | 2025-01-09
CWE-755: An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a tempor
nvd
CVE-2024-47506 | HIGH | CVSS 8.2 | fixed in 21.3 | v21.3 +3 more | 2024-10-11
CWE-833: A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs
nvd
CVE-2024-47503 | HIGH | CVSS 7.1 | fixed in 21.4 | v21.4 +6 more | 2024-10-11
CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). If in a multicast scenario a sequence of specific PIM packets is received, this will cause
nvd
CVE-2024-47497 | HIGH | CVSS 8.7 | fixed in 21.4 | v21.4 +5 more | 2024-10-11
CWE-400: An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to the device, triggering the creation of processes th
nvd