CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2025-52964 – Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured
https://notcve.org/view.php?id=CVE-2025-52964
11 Jul 2025 — A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition. For the issue to occur, BGP multipath with "pause-computation-during-churn" must be configured on the device, and the attacker must send ... • https://supportportal.juniper.net/JSA100080 • CWE-617: Reachable Assertion •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-52963 – Junos OS: A low-privileged user can disable an interface
https://notcve.org/view.php?id=CVE-2025-52963
11 Jul 2025 — An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service. Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface. This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from ... • https://supportportal.juniper.net/JSA100078 • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-52953 – Junos OS and Junos OS Evolved: An unauthenticated adjacent attacker sending a valid BGP UPDATE packet forces a BGP session reset
https://notcve.org/view.php?id=CVE-2025-52953
11 Jul 2025 — An Expected Behavior Violation vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP and both IPv4 and IPv6 are affected by this vulnerability. This issue affects Junos OS: * A... • https://supportportal.juniper.net/JSA100059 • CWE-440: Expected Behavior Violation •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-52952 – Junos OS: MX Series with MPC-BUILTIN, MPC 1 through MPC 9: Receipt and processing of a malformed packet causes one or more FPCs to crash
https://notcve.org/view.php?id=CVE-2025-52952
11 Jul 2025 — An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions befo... • https://supportportal.juniper.net/JSA100058 • CWE-787: Out-of-bounds Write •
CVSS: 6.0EPSS: 0%CPEs: 10EXPL: 0CVE-2025-52958 – Junos OS and Junos OS Evolved: When route validation is enabled, BGP connection establishment failure causes RPD crash
https://notcve.org/view.php?id=CVE-2025-52958
11 Jul 2025 — A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario. Continued session establishment failures l... • https://supportportal.juniper.net/JSA100066 • CWE-617: Reachable Assertion •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-52955 – Junos OS: When jflow/sflow is configured continuous logical interface flaps causes rpd crash and restart
https://notcve.org/view.php?id=CVE-2025-52955
11 Jul 2025 — An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash. When the logical interface using a routing instance flaps continuously, specific updates are sent to the jflow/sflow modules. This results in memory corruption, leading to an rpd crash and restart. Continued receipt of these specific updates will cause a sustained Denial of Service condition... • https://supportportal.juniper.net/JSA100062 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-52954 – Junos OS Evolved: A low-privileged user can execute arbitrary Junos commands and modify the configuration, thereby compromising the system
https://notcve.org/view.php?id=CVE-2025-52954
11 Jul 2025 — A Missing Authorization vulnerability in the internal virtual routing and forwarding (VRF) of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal VRF can execute arbitrary Junos commands and modify the configuration, and thus compromise the system. This issue affects Junos OS Evolved: * All versions before 22.2R3-S7-EVO, * from 22.4 before 22.4R3-S7-EVO, * ... • https://supportportal.juniper.net/JSA100060 • CWE-862: Missing Authorization •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 0CVE-2025-52951 – Junos OS: IPv6 firewall filter fails to match payload-protocol
https://notcve.org/view.php?id=CVE-2025-52951
11 Jul 2025 — A Protection Mechanism Failure vulnerability in kernel filter processing of Juniper Networks Junos OS allows an attacker sending IPv6 traffic to an interface to effectively bypass any firewall filtering configured on the interface. Due to an issue with Junos OS kernel filter processing, the 'payload-protocol' match is not being supported, causing any term containing it to accept all packets without taking any other action. In essence, these firewall filter terms were being processed as an 'accept' for all t... • https://supportportal.juniper.net/JSA100055 • CWE-693: Protection Mechanism Failure •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2025-52949 – Junos OS and Junos OS Evolved: In an EVPN environment, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2025-52949
11 Jul 2025 — An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Only systems configured for Ethernet Virtual Private Networking (EVPN) signaling are vulnerab... • https://supportportal.juniper.net/JSA100053 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2025-52948 – Junos OS: Specific unknown traffic pattern causes FPC and system to crash when packet capturing is enabled
https://notcve.org/view.php?id=CVE-2025-52948
11 Jul 2025 — An Improper Handling of Exceptional Conditions vulnerability in Berkeley Packet Filter (BPF) processing of Juniper Networks Junos OS allows an attacker, in rare cases, sending specific, unknown traffic patterns to cause the FPC and system to crash and restart. BPF provides a raw interface to data link layers in a protocol independent fashion. Internally within the Junos kernel, due to a rare timing issue (race condition), when a BPF instance is cloned, the newly created interface causes an internal structur... • https://supportportal.juniper.net/JSA100052 • CWE-755: Improper Handling of Exceptional Conditions •