CVE-2025-59964
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-10-14
Assigner: Juniper Networks, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | 24.4r2 |
| juniper | junos | 24.4 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-908 | The product uses or accesses a resource that has not been initialized. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Use of Uninitialized Resource issue in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX4700 devices. When forwarding-options sampling is enabled, if the PFE line card receives any traffic destined to the Routing Engine (RE), it causes the FPC (Flexible PIC Concentrator) to crash and restart. This leads to a Denial of Service (DoS) condition. Continued receipt of such traffic results in a sustained DoS on the PFE line card.
How can this vulnerability impact me?
An unauthenticated, network-based attacker can exploit this vulnerability to cause the PFE line card on affected Junos OS SRX4700 devices to crash and restart repeatedly. This results in a Denial of Service (DoS), potentially disrupting network traffic and services relying on the device.