
CVE-2025-30648 – Junos OS and Junos OS Evolved: Receipt of a specifically malformed DHCP packet causes jdhcpd process to crash
https://notcve.org/view.php?id=CVE-2025-30648
09 Apr 2025 — An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). When a specifically malformed DHCP packet is received from a DHCP client, the jdhcpd process crashes, which will lead to the unavailability of the DHCP service and thereby resulting in a sustained DoS. The DHCP process will restart automatically to recover the ... • https://supportportal.juniper.net/JSA96458 • CWE-20: Improper Input Validation •

CVE-2025-30647 – Junos OS: MX Series: Subscriber login/logout activity will lead to a memory leak
https://notcve.org/view.php?id=CVE-2025-30647
09 Apr 2025 — A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario, login/logout activity triggers a memory leak, and the leaked memory gradually increments and eventually results in a crash. user@host> show chassis fpc Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interru... • https://supportportal.juniper.net/JSA96457 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2025-30646 – Junos OS and Junos OS Evolved: Receipt of a malformed LLDP TLV results in l2cpd crash
https://notcve.org/view.php?id=CVE-2025-30646
09 Apr 2025 — A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. When an LLDP telemetry subscription is active, receipt of a specifica... • https://supportportal.juniper.net/JSA96456 • CWE-195: Signed to Unsigned Conversion Error •

CVE-2025-30645 – Junos OS: SRX Series: Transmission of specific control traffic sent out of a DS-Lite tunnel results in flowd crash
https://notcve.org/view.php?id=CVE-2025-30645
09 Apr 2025 — A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS). Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition. On all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a segmentation f... • https://supportportal.juniper.net/JSA96455 • CWE-476: NULL Pointer Dereference •

CVE-2025-30644 – Junos OS: EX2300, EX3400, EX4000 Series, QFX5k Series: Receipt of a specific DHCP packet causes FPC crash when DHCP Option 82 is enabled
https://notcve.org/view.php?id=CVE-2025-30644
09 Apr 2025 — A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series allows an attacker to send a specific DHCP packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Under a rare timing scenario outside the attacker's control, m... • https://supportportal.juniper.net/JSA96453 • CWE-122: Heap-based Buffer Overflow •

CVE-2025-21601 – Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled for specific services an attacker may cause a CPU spike by sending genuine packets to the device
https://notcve.org/view.php?id=CVE-2025-21601
09 Apr 2025 — An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC)) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series allows an unauthenticated, network-based attacker sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. Continuous receipt of these packets will create a sustained Denial of Service (DoS) condition. This issue affects J... • https://supportportal.juniper.net/JSA96452 •

CVE-2025-21597 – Junos OS and Junos OS Evolved: When BGP rib-sharding and update-threading are configured and a peer flaps, an rpd core is observed
https://notcve.org/view.php?id=CVE-2025-21597
09 Apr 2025 — An Improper Check for Unusual or Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when BGP rib-sharding and update-threading are configured, and a BGP peer flap is done with specific timing, rpd crashes and restarts. Continuous peer flapping at specific time intervals will result in a sustained Denial o... • https://kb.juniper.net/JSA96451 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVE-2025-21595 – Junos OS and Junos OS Evolved: In an EVPN-VXLAN scenario specific ARP or NDP packets cause FPC to crash
https://notcve.org/view.php?id=CVE-2025-21595
09 Apr 2025 — A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in an EVPN-VXLAN scenario, when specific ARP packets are received on an IPv4 network, or specific NDP packets are received on an IPv6 network, kernel heap memory leaks, which eventually leads to an FPC ... • https://supportportal.juniper.net/JSA96450 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2025-21594 – Junos OS: MX Series: In DS-lite and NAT scenario receipt of crafted IPv6 traffic causes port block
https://notcve.org/view.php?id=CVE-2025-21594
09 Apr 2025 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe (packet forwarding engine) of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service (DoS). In a DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) scenario, when crafted IPv6 traffic is received and prefix-length is set to 56, the ports assigned to the user will not be freed. Eventually, users cannot establish new connections. Affected FPC/PIC need to be manua... • https://supportportal.juniper.net/JSA96449 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVE-2025-21590 – Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
https://notcve.org/view.php?id=CVE-2025-21590
12 Mar 2025 — An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 2... • https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers • CWE-653: Improper Isolation or Compartmentalization •