CVE-2025-30659

HIGH

7.5

Description

An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This issue does not affect versions before 21.4.

CVE Details

CVSS v3.1 Score7.5

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published4/9/2025

Last Modified1/23/2026

Sourcenvd

Honeypot Sightings0

Affected Products

juniper:junosjuniper:srx1500juniper:srx1600juniper:srx2300juniper:srx300juniper:srx320juniper:srx340juniper:srx345juniper:srx380juniper:srx4100juniper:srx4120juniper:srx4200juniper:srx4300juniper:srx4600juniper:srx4700juniper:srx5400juniper:srx5600juniper:srx5800

Weaknesses (CWE)

CWE-130

References

https://supportportal.juniper.net/JSA96470(sirt@juniper.net)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.