Juniper Junos OS PFE SIP ALG DoS (before 24.2R2)
CVE-2025-30656 Published on April 9, 2025
Junos OS: MX Series, SRX Series: Processing of specific SIP INVITE messages by the SIP ALG will lead to an FPC crash
An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If the SIP ALG processes specifically formatted SIP INVITE messages, memory corruption occurs, which crashes the FPC processing these packets. Although the system recovers automatically when the FPC restarts, subsequent SIP INVITE messages will cause the crash again, leading to a sustained DoS.
This issue affects Junos OS on MX Series and SRX Series:
* all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S5,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S3,
* 24.2 versions before 24.2R1-S2, 24.2R2.
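The version list above expressed as a check, as an added example that is not Juniper's or stack.watch's code. It assumes release strings of the form YY.NRx[-Sy] with an optional trailing build number, which it ignores. It treats trains later than 24.2 as not affected, following the "before 24.2R2" in the page title. It compares versions only, so whether the SIP ALG is in use on the listed hardware is outside its scope.

```python
import re

# Fixed releases per train, copied from the affected-version list on this page.
# train (major, minor) -> [(R number, S number), ...]; S 0 means the plain R release.
FIXED = {
    (21, 2): [(3, 9)],
    (21, 4): [(3, 10)],
    (22, 2): [(3, 6)],
    (22, 4): [(3, 5)],
    (23, 2): [(2, 3)],
    (23, 4): [(2, 3)],
    (24, 2): [(1, 2), (2, 0)],   # fixed in 24.2R1-S2 and in 24.2R2
}

# Assumed format: 21.4R3-S10 or 21.4R3-S10.5 (trailing build number ignored).
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse(version):
    """Split a Junos release string into (train, (R, S))."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unsupported Junos version string: {version!r}")
    major, minor, r, s = m.groups()
    return (int(major), int(minor)), (int(r), int(s or 0))


def is_affected(version):
    """True = affected, False = not affected, None = train not listed here."""
    train, (r, s) = parse(version)
    if train < (21, 2):
        return True            # "all versions before 21.2R3-S9"
    if train > (24, 2):
        return False           # page title: "before 24.2R2"
    fixes = FIXED.get(train)
    if fixes is None:
        return None            # e.g. 22.3: the list does not mention this train
    same_r = [fs for fr, fs in fixes if fr == r]
    if same_r:
        return s < same_r[0]   # same R release: compare the service release
    # No fix listed for this R: affected if a later R carries the fix.
    return r < max(fr for fr, _ in fixes)


if __name__ == "__main__":
    for v in ("21.2R3-S8", "21.4R3-S10", "24.2R1-S1", "24.2R2", "22.3R1"):
        print(v, is_affected(v))
```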
Vulnerability Analysis
CVE-2025-30656 is exploitable with network access and requires no privileges or user interaction. The attack complexity is considered low. A successful exploit is considered to have no impact on confidentiality or integrity and a high impact on availability.
Timeline
Initial Publication
Weakness Type
Improper Handling of Additional Special Element
The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
Products Associated with CVE-2025-30656
Affected Versions
Juniper Networks Junos OS:
- All versions before 21.2R3-S9 are affected.
- 21.4 versions before 21.4R3-S10 are affected.
- 22.2 versions before 22.2R3-S6 are affected.
- 22.4 versions before 22.4R3-S5 are affected.
- 23.2 versions before 23.2R2-S3 are affected.
- 23.4 versions before 23.4R2-S3 are affected.
- 24.2 versions before 24.2R1-S2, 24.2R2 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.