vulnerability

Juniper Junos OS: 2025-07 Security Bulletin: Junos OS: ACX Series: When 'hot-standby' mode is configured for an L2 circuit, interface flap causes the FEB to crash (JSA100051) (CVE-2025-52947)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:A/AC:L/Au:N/C:N/I:N/A:C)	Jul 9, 2025	Sep 18, 2025	Sep 18, 2025

Severity

CVSS

(AV:A/AC:L/Au:N/C:N/I:N/A:C)

Published

Jul 9, 2025

Added

Sep 18, 2025

Modified

Sep 18, 2025

Description

An Improper Handling of Exceptional Conditions vulnerability in route processing of Juniper Networks Junos OS on specific end-of-life (EOL) ACX Series platforms allows an attacker to crash the Forwarding Engine Board (FEB) by flapping an interface, leading to a Denial of Service (DoS).

On ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096 devices, FEB0 will crash when the primary path port of the L2 circuit IGP (Interior Gateway Protocol) on the local device goes down. This issue is seen only when 'hot-standby' mode is configured for the L2 circuit.

This issue affects Junos OS on ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096:

* all versions before 21.2R3-S9.

Solution

juniper-junos-os-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today