CVE-2025-30656

Medienbericht

EPSS 0.4%
Veröffentlicht 09.04.2025 20:01:48
Zuletzt bearbeitet 23.01.2026 19:35:12
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

If the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets. Although the system will automatically recover with the restart of the FPC, subsequent SIP invites will cause the crash again and lead to a sustained DoS.




This issue affects Junos OS on MX Series and SRX Series: 

  *  all versions before 21.2R3-S9,
  *  21.4 versions before 21.4R3-S10,
  *  22.2 versions before 22.2R3-S6,
  *  22.4 versions before 22.4R3-S5,
  *  23.2 versions before 23.2R2-S3,
  *  23.4 versions before 23.4R2-S3,
  *  24.2 versions before 24.2R1-S2, 24.2R2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version < 21.2

   Juniper ≫ Mx10004 Version-
   Juniper ≫ Mx10008 Version-
   Juniper ≫ Mx2008 Version-
   Juniper ≫ Mx2010 Version-
   Juniper ≫ Mx2020 Version-
   Juniper ≫ Mx204 Version-
   Juniper ≫ Mx240 Version-
   Juniper ≫ Mx304 Version-
   Juniper ≫ Mx480 Version-
   Juniper ≫ Mx960 Version-
   Juniper ≫ Srx1500 Version-
   Juniper ≫ Srx1600 Version-
   Juniper ≫ Srx2300 Version-
   Juniper ≫ Srx300 Version-
   Juniper ≫ Srx320 Version-
   Juniper ≫ Srx340 Version-
   Juniper ≫ Srx345 Version-
   Juniper ≫ Srx380 Version-
   Juniper ≫ Srx4100 Version-
   Juniper ≫ Srx4120 Version-
   Juniper ≫ Srx4200 Version-
   Juniper ≫ Srx4300 Version-
   Juniper ≫ Srx4600 Version-
   Juniper ≫ Srx4700 Version-
   Juniper ≫ Srx5400 Version-
   Juniper ≫ Srx5600 Version-
   Juniper ≫ Srx5800 Version-

Juniper ≫ Junos Version21.2 Update-

Juniper ≫ Junos Version21.2 Updater1

Juniper ≫ Junos Version21.2 Updater1-s1

Juniper ≫ Junos Version21.2 Updater1-s2

Juniper ≫ Junos Version21.2 Updater2

Juniper ≫ Junos Version21.2 Updater2-s1

Juniper ≫ Junos Version21.2 Updater2-s2

Juniper ≫ Junos Version21.2 Updater3

Juniper ≫ Junos Version21.2 Updater3-s1

Juniper ≫ Junos Version21.2 Updater3-s2

Juniper ≫ Junos Version21.2 Updater3-s3

Juniper ≫ Junos Version21.2 Updater3-s4

Juniper ≫ Junos Version21.2 Updater3-s5

Juniper ≫ Junos Version21.2 Updater3-s6

Juniper ≫ Junos Version21.2 Updater3-s7

Juniper ≫ Junos Version21.2 Updater3-s8

Juniper ≫ Junos Version21.4 Update-

Juniper ≫ Junos Version21.4 Updater1

Juniper ≫ Junos Version21.4 Updater1-s1

Juniper ≫ Junos Version21.4 Updater1-s2

Juniper ≫ Junos Version21.4 Updater2

Juniper ≫ Junos Version21.4 Updater2-s1

Juniper ≫ Junos Version21.4 Updater2-s2

Juniper ≫ Junos Version21.4 Updater3

Juniper ≫ Junos Version21.4 Updater3-s1

Juniper ≫ Junos Version21.4 Updater3-s2

Juniper ≫ Junos Version21.4 Updater3-s3

Juniper ≫ Junos Version21.4 Updater3-s4

Juniper ≫ Junos Version21.4 Updater3-s5

Juniper ≫ Junos Version21.4 Updater3-s6

Juniper ≫ Junos Version21.4 Updater3-s7

Juniper ≫ Junos Version21.4 Updater3-s8

Juniper ≫ Junos Version21.4 Updater3-s9

Juniper ≫ Junos Version22.2 Update-

Juniper ≫ Junos Version22.2 Updater1

Juniper ≫ Junos Version22.2 Updater1-s1

Juniper ≫ Junos Version22.2 Updater1-s2

Juniper ≫ Junos Version22.2 Updater2

Juniper ≫ Junos Version22.2 Updater2-s1

Juniper ≫ Junos Version22.2 Updater2-s2

Juniper ≫ Junos Version22.2 Updater3

Juniper ≫ Junos Version22.2 Updater3-s1

Juniper ≫ Junos Version22.2 Updater3-s2

Juniper ≫ Junos Version22.2 Updater3-s3

Juniper ≫ Junos Version22.2 Updater3-s4

Juniper ≫ Junos Version22.2 Updater3-s5

Juniper ≫ Junos Version22.4 Update-

Juniper ≫ Junos Version22.4 Updater1

Juniper ≫ Junos Version22.4 Updater1-s1

Juniper ≫ Junos Version22.4 Updater1-s2

Juniper ≫ Junos Version22.4 Updater2

Juniper ≫ Junos Version22.4 Updater2-s1

Juniper ≫ Junos Version22.4 Updater2-s2

Juniper ≫ Junos Version22.4 Updater3

Juniper ≫ Junos Version22.4 Updater3-s1

Juniper ≫ Junos Version22.4 Updater3-s2

Juniper ≫ Junos Version22.4 Updater3-s3

Juniper ≫ Junos Version22.4 Updater3-s4

Juniper ≫ Junos Version23.2 Update-

Juniper ≫ Junos Version23.2 Updater1

Juniper ≫ Junos Version23.2 Updater1-s1

Juniper ≫ Junos Version23.2 Updater1-s2

Juniper ≫ Junos Version23.2 Updater2

Juniper ≫ Junos Version23.2 Updater2-s1

Juniper ≫ Junos Version23.2 Updater2-s2

Juniper ≫ Junos Version23.4 Update-

Juniper ≫ Junos Version23.4 Updater1

Juniper ≫ Junos Version23.4 Updater1-s1

Juniper ≫ Junos Version23.4 Updater1-s2

Juniper ≫ Junos Version23.4 Updater2

Juniper ≫ Junos Version23.4 Updater2-s1

Juniper ≫ Junos Version23.4 Updater2-s2

Juniper ≫ Junos Version24.2 Update-

Juniper ≫ Junos Version24.2 Updater1

Juniper ≫ Junos Version24.2 Updater1-s1

Juniper ≫ Junos Version24.2 Updater2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.4%	0.605

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
sirt@juniper.net	8.7	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
sirt@juniper.net	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-167 Improper Handling of Additional Special Element

The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.

https://www.heise.de/news/Juniper-schliesst-Sicherheitsluecken-in-Junos-OS-und-mehr-10347125.html

Medienbericht

heise Security

09.08.2025 11:36

https://supportportal.juniper.net/JSA96466

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-30656

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-30656

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-30656

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-30656