Juniper Networks Junos OS Evolved PFE Management Daemon NULL Pointer Dereference Vulnerability on ACX Devices Allowing Denial-of-Service

Vulnerability

A NULL pointer dereference vulnerability has been identified in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved. This vulnerability affects ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, and ACX7509 devices, specifically in Junos OS Evolved versions 23.2R2-EVO prior to 23.2R2-S4-EVO and 23.4R1-EVO prior to 23.4R2-EVO. The vulnerability allows an unauthenticated, adjacent attacker to cause a denial-of-service (DoS) condition by sending specific valid multicast traffic on any layer 3 interface, which leads to the evo-pfemand process crashing and restarting. This issue affects both IPv4 and IPv6 traffic.
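
An added example, not part of the original advisory or of Juniper's tooling: a triage check that classifies inventory rows against the models and release ranges listed above. The version-string layout in the regex, the reading of each range as lower-inclusive and upper-exclusive, and the inventory rows are assumptions.

```python
import re

# Affected platforms and release ranges as stated in the advisory text above.
AFFECTED_MODELS = {"ACX7024", "ACX7024X", "ACX7100-32C",
                   "ACX7100-48L", "ACX7348", "ACX7509"}
# (first affected, first fixed) pairs; the upper bound is treated as exclusive.
AFFECTED_RANGES = [("23.2R2-EVO", "23.2R2-S4-EVO"), ("23.4R1-EVO", "23.4R2-EVO")]

# Assumed layout: <major>.<minor>R<release>[-S<service>[.<spin>]]-EVO
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+)(?:\.(\d+))?)?-EVO$", re.I)

def parse_version(text):
    """Return a sortable tuple, or None if the string does not match the layout."""
    m = _VERSION.match(text.strip())
    if not m:
        return None
    # A missing service release or spin sorts as 0, so 23.2R2 < 23.2R2-S1.
    return tuple(int(g) if g else 0 for g in m.groups())

def triage(model, version):
    """Classify one device as 'affected', 'not-affected' or 'unknown'."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not-affected"
    parsed = parse_version(version)
    if parsed is None:
        return "unknown"  # unparseable version string: check this device by hand
    for first_affected, first_fixed in AFFECTED_RANGES:
        if parse_version(first_affected) <= parsed < parse_version(first_fixed):
            return "affected"
    return "not-affected"

# Constructed inventory rows (hostname, model, running version) for illustration.
INVENTORY = [
    ("edge-a", "ACX7024", "23.2R2-S1-EVO"),
    ("edge-b", "ACX7100-32C", "23.2R2-S4-EVO"),
    ("agg-a", "ACX7509", "23.4R1-S2.3-EVO"),
    ("agg-b", "ACX7348", "23.4R2-EVO"),
    ("lab-a", "ACX7024X", "unparsed-build"),
]

def report(inventory):
    """Map each hostname to its triage result."""
    return {host: triage(model, version) for host, model, version in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as "unknown" carry a version string the assumed layout does not cover and need a manual check against the vendor advisory.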

Impact

Exploitation of this vulnerability causes the evo-pfemand process to crash and restart, leading to a sustained denial-of-service condition on the affected device.

Added: Oct 9, 2025, 4:25 PM
Updated: Oct 9, 2025, 4:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 4.9
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 1.4
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.