CVE-2025-52961
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-09

Last updated on: 2025-10-14

Assigner: Juniper Networks, Inc.

Description
An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon and the Connectivity Fault Management Manager (cfmman) of Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). An attacker on an adjacent device sending specific valid traffic can cause cfmd to spike the CPU to 100% and cfmman's memory to leak, eventually to cause the FPC crash and restart. Continued receipt and processes of these specific valid packets will sustain the Denial of Service (DoS) condition. An indicator of compromise is to watch for an increase in cfmman memory rising over time by issuing the following command and evaluating the RSS number. If the RSS is growing into GBs then consider restarting the device to temporarily clear memory.   user@device> show system processes node fpc<num> detail | match cfmman Example:    show system processes node fpc0 detail | match cfmman    F S UID       PID       PPID PGID   SID   C PRI NI  ADDR SZ    WCHAN   RSS     PSR STIME TTY         TIME     CMD   4 S root      15204     1    15204  15204 0 80  0   - 90802     -      113652   4  Sep25 ?           00:15:28 /usr/bin/cfmman -p /var/pfe -o -c /usr/conf/cfmman-cfg-active.xml This issue affects Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016: * from 23.2R1-EVO before 23.2R2-S4-EVO, * from 23.4 before 23.4R2-S4-EVO, * from 24.2 before 24.2R2-EVO, * from 24.4 before 24.4R1-S2-EVO, 24.4R2-EVO. This issue does not affect Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016 before 23.2R1-EVO.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-09
Last Modified
2025-10-14
Generated
2026-05-06
AI Q&A
2025-10-09
EPSS Evaluated
2026-05-05
NVD
CVE-2025-52961
EUVD
EUVD-2025-33401
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
juniper junos_os_evolved 23.2r1-evo
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 24.4r1-s2-evo
juniper junos_os_evolved 23.2r2-s4-evo
juniper junos_os_evolved 24.2r2-evo
juniper junos_os_evolved 24.4r2-evo
juniper junos_os_evolved 23.4r2-s4-evo
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Uncontrolled Resource Consumption issue in the Connectivity Fault Management (CFM) daemon and manager of Juniper Networks Junos OS Evolved on certain PTX devices. An unauthenticated attacker on an adjacent device can send specific valid traffic that causes the CFM daemon's CPU usage to spike to 100% and the CFM manager's memory to leak. This leads to a crash and restart of the Flexible PIC Concentrator (FPC), resulting in a Denial-of-Service (DoS) condition that can be sustained by continued receipt of these packets.


How can this vulnerability impact me? :

The impact of this vulnerability is a Denial-of-Service (DoS) condition on affected Juniper devices. An attacker can cause the device's CPU to max out and memory to leak, eventually crashing and restarting critical components, which disrupts normal network operations and availability.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by monitoring the memory usage of the cfmman process on the affected device. Use the command: show system processes node fpc<num> detail | match cfmman. Evaluate the RSS (Resident Set Size) number; if it is growing into gigabytes over time, it indicates a potential compromise due to this vulnerability.


What immediate steps should I take to mitigate this vulnerability?

If you observe the cfmman memory usage growing excessively, consider restarting the device to temporarily clear the memory and mitigate the Denial-of-Service condition. Additionally, ensure your Junos OS Evolved version is updated to a fixed release version beyond the affected ones.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart