Juniper Junos OS SRX DoS via Length Parameter Inconsistency (v<23.4R2-S4)
CVE-2025-30659 Published on April 9, 2025
Junos OS: SRX Series: A device configured for vector routing crashes when receiving malformed traffic
An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart.
This issue affects Junos OS on SRX Series:
* All 21.4 versions,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R2.
This issue does not affect versions before 21.4.
Vulnerability Analysis
CVE-2025-30659 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Timeline
Initial Publication
Weakness Type
What is a length manipulation Vulnerability?
The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data. If an attacker can manipulate the length parameter associated with an input such that it is inconsistent with the actual length of the input, this can be leveraged to cause the target application to behave in unexpected, and possibly, malicious ways. One of the possible motives for doing so is to pass in arbitrarily large input to the application. Another possible motivation is the modification of application state by including invalid data for subsequent properties of the application. Such weaknesses commonly lead to attacks such as buffer overflows and execution of arbitrary code.
CVE-2025-30659 has been classified to as a length manipulation vulnerability or weakness.
Products Associated with CVE-2025-30659
Want to know whenever a new CVE is published for Juniper Networks Junos? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS:- Version 21.4R1 and below 21.4* is affected.
- Version 22.2 and below 22.2R3-S6 is affected.
- Version 22.4 and below 22.4R3-S6 is affected.
- Version 23.2 and below 23.2R2-S3 is affected.
- Version 23.4 and below 23.4R2-S4 is affected.
- Version 24.2 and below 24.2R2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.