CVE-2025-52981
BaseFortify
Publication date: 2025-07-11
Last updated on: 2025-07-15
Assigner: Juniper Networks, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos_os | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper check for unusual or exceptional conditions in the flow processing daemon (flowd) of Juniper Networks Junos OS on certain SRX series devices. An unauthenticated attacker can send a specific sequence of PIM packets that causes the flowd process to crash and restart, resulting in a Denial-of-Service (DoS).
How can this vulnerability impact me?
The vulnerability can cause a Denial-of-Service (DoS) by crashing the flowd process on affected Junos OS devices. This can disrupt network traffic processing and potentially impact network availability and reliability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade your Junos OS on affected SRX devices to a fixed version. Specifically, update to versions 21.2R3-S9 or later, 21.4R3-S11 or later, 22.2R3-S7 or later, 22.4R3-S6 or later, 23.2R2-S4 or later, 23.4R2-S4 or later, or 24.2R2 or later, depending on your current version. This will prevent the flowd crash caused by the specific PIM packets.