vulnerability
Juniper Junos OS: 2025-07 Security Bulletin: Junos OS: MX Series with MPC-BUILTIN, MPC 1 through MPC 9: Receipt and processing of a malformed packet causes one or more FPCs to crash (JSA100058) (CVE-2025-52952)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:A/AC:L/Au:N/C:N/I:N/A:C) | Jul 9, 2025 | Sep 18, 2025 | Sep 18, 2025 |
Severity
6
CVSS
(AV:A/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 9, 2025
Added
Sep 18, 2025
Modified
Sep 18, 2025
Description
An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS).
Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All versions before 22.2R3-S1,
* from 22.4 before 22.4R2.
This feature is not enabled by default.
Solution
juniper-junos-os-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.