CVE-2025-52952

An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://supportportal.juniper.net/JSA100058	Vendor Advisory
https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/cfm-configuring.html	Product

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:22.2:-::::::
	cpe:2.3:o:juniper:junos:22.2:r1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r2::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3::::::
	cpe:2.3:o:juniper:junos:22.4:-::::::
	cpe:2.3:o:juniper:junos:22.4:r1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s2::::::

OR	cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5e:-:::::::*
	cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5eq:-:::::::*
	cpe:2.3:h:juniper:2x100ge_\+_8x10ge_mpc4e:-:::::::*
	cpe:2.3:h:juniper:32x10ge_mpc4e:-:::::::*
	cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5e:-:::::::*
	cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5eq:-:::::::*
	cpe:2.3:h:juniper:mpc1:-:::::::*
	cpe:2.3:h:juniper:mpc1_q:-:::::::*
	cpe:2.3:h:juniper:mpc1e:-:::::::*
	cpe:2.3:h:juniper:mpc1e_q:-:::::::*
	cpe:2.3:h:juniper:mpc2:-:::::::*
	cpe:2.3:h:juniper:mpc2_eq:-:::::::*
	cpe:2.3:h:juniper:mpc2_q:-:::::::*
	cpe:2.3:h:juniper:mpc2e:-:::::::*
	cpe:2.3:h:juniper:mpc2e_eq:-:::::::*
	cpe:2.3:h:juniper:mpc2e_ng:-:::::::*
	cpe:2.3:h:juniper:mpc2e_ng_q:-:::::::*
	cpe:2.3:h:juniper:mpc2e_p:-:::::::*
	cpe:2.3:h:juniper:mpc2e_q:-:::::::*
	cpe:2.3:h:juniper:mpc3e:-:::::::*
	cpe:2.3:h:juniper:mpc3e-3d-ng:-:::::::*
	cpe:2.3:h:juniper:mpc3e-3d-ng-q:-:::::::*
	cpe:2.3:h:juniper:mpc6e:-:::::::*
	cpe:2.3:h:juniper:mpc7e-10g:-:::::::*
	cpe:2.3:h:juniper:mpc7e-mrate:-:::::::*
	cpe:2.3:h:juniper:mpc8e:-:::::::*
	cpe:2.3:h:juniper:mpc9e:-:::::::*
	cpe:2.3:h:juniper:mx2008:-:::::::*
	cpe:2.3:h:juniper:mx2010:-:::::::*
	cpe:2.3:h:juniper:mx2020:-:::::::*
	cpe:2.3:h:juniper:mx240:-:::::::*
	cpe:2.3:h:juniper:mx480:-:::::::*
	cpe:2.3:h:juniper:mx960:-:::::::*

History

No history.

Information

Published : 2025-07-11 15:15

Updated : 2026-01-26 18:31

NVD link : CVE-2025-52952

Mitre link : CVE-2025-52952

CVE.ORG link : CVE-2025-52952

JSON object : View

Products Affected

juniper

32x10ge_mpc4e
2x100ge_\+_4x10ge_mpc5e
mx2020
mpc7e-10g
mpc2e_q
mx480
mpc9e
mpc7e-mrate
mpc1e
mpc2e_eq
mx960
2x100ge_\+_8x10ge_mpc4e
junos
mpc1
mpc2_q
mpc2e_ng
6x40ge_\+_24x10ge_mpc5e
mpc8e
6x40ge_\+_24x10ge_mpc5eq
mpc2e
mpc3e
mpc1e_q
mpc6e
mx240
mpc3e-3d-ng-q
mx2010
2x100ge_\+_4x10ge_mpc5eq
mpc2e_p
mx2008
mpc2_eq
mpc1_q
mpc2
mpc3e-3d-ng
mpc2e_ng_q

CWE

CWE-787

Out-of-bounds Write

6.5 /10