Juniper Networks Junos OS MX Series Out-of-Bounds Write Vulnerability in CFM Daemon Leading to Denial-of-Service

Vulnerability

An out-of-bounds write vulnerability has been identified in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS. The issue affects MX Series routers with MPC-BUILTIN and MPC1 through MPC9 line cards, on all versions prior to 22.2R3-S1 and on 22.4 versions prior to 22.4R2. An unauthenticated adjacent attacker can send a malformed packet to the device, causing a crash and restart of the affected forwarding plane component (FPC). The result is a denial-of-service condition, which is sustained for as long as the device continues to receive and process the malformed packets.

Impact

Exploitation of this vulnerability causes one or more FPCs to crash, leading to a denial-of-service condition on the affected device.

Remediation

Users can upgrade to Junos OS versions 22.2R3-S1, 22.4R2, 23.2R1, or any subsequent release to address this vulnerability.
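
For fleet triage, the version ranges above can be checked against an inventory of running releases. The script below is an added example, not part of the original advisory or any Juniper tooling. It assumes the inventory is already limited to MX Series routers with the affected line cards, uses constructed hostnames and version strings, and reports release trains the page does not name (such as 22.3) as "unlisted" for manual review instead of guessing.

```python
import re

# Fixed releases named on this page, keyed by release train (year, number).
# Values are (R number, S number): 22.2R3-S1 and 22.4R2.
FIXED = {(22, 2): (3, 1), (22, 4): (2, 0)}
FIRST_CLEAN_TRAIN = (23, 2)  # 23.2R1 or any subsequent release

# Standard "R" releases, e.g. 22.2R3-S1.9 (the trailing .9 is a build spin).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def classify(version):
    """Return 'affected', 'fixed', 'unlisted' or 'unparsed' for a Junos OS version."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparsed"  # not a plain R release (e.g. Evolved builds)
    year, num, rel, svc = (int(g) if g else 0 for g in m.groups())
    train, build = (year, num), (rel, svc)
    if train >= FIRST_CLEAN_TRAIN:
        return "fixed"
    if train in FIXED:
        return "fixed" if build >= FIXED[train] else "affected"
    if train < (22, 2):
        return "affected"  # "all versions prior to 22.2R3-S1"
    return "unlisted"  # train between named ranges; the page does not cover it


def triage(inventory):
    """Group hostnames by classification, preserving inventory order."""
    groups = {}
    for host, version in inventory:
        groups.setdefault(classify(version), []).append(host)
    return groups


# Constructed sample inventory (hostnames and versions are illustrative).
INVENTORY = [
    ("mx-edge-01", "21.4R3-S5.4"),
    ("mx-edge-02", "22.2R3.15"),
    ("mx-edge-03", "22.2R3-S1.9"),
    ("mx-core-01", "22.3R2.11"),
    ("mx-core-02", "22.4R1-S2.1"),
    ("mx-core-03", "22.4R2.8"),
    ("mx-agg-01", "23.2R1.13"),
    ("mx-lab-01", "22.4R2-EVO"),
]

if __name__ == "__main__":
    for status, hosts in triage(INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as "unlisted" or "unparsed" need a manual check against the vendor advisory before being treated as safe.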

Added: Jul 11, 2025, 3:34 PM
Updated: Jul 11, 2025, 3:34 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 1.4
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.