Home

Description

An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default.

PUBLISHED Reserved 2025-06-23 | Published 2025-07-11 | Updated 2025-07-11 | Assigner juniper




MEDIUM: 6.5CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

HIGH: 7.1CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green

Problem types

CWE-787 Out-of-bounds Write

Product status

Default status
unaffected

Any version before 22.2R3-S1
affected

22.4 (semver) before 22.4R2
affected

Timeline

2025-07-09:Initial Publication

References

supportportal.juniper.net/JSA100058 vendor-advisory

www.juniper.net/...gmt/topics/topic-map/cfm-configuring.html technical-description

cve.org (CVE-2025-52952)

nvd.nist.gov (CVE-2025-52952)

Download JSON