| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.3 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in Juniper Junos OS up to 24.2R1-S2 and classified as critical. Impacted is an unknown function. The manipulation leads to improper handling of additional special element. This vulnerability is referenced as CVE-2025-30656. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.
Details
A vulnerability, which was classified as critical, has been found in Juniper Junos OS up to 24.2R1-S2. This issue affects an unknown part. The manipulation with an unknown input leads to a improper handling of additional special element vulnerability. Using CWE to declare the problem leads to CWE-167. The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided. Impacted is availability. The summary by CVE is:
An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets. Although the system will automatically recover with the restart of the FPC, subsequent SIP invites will cause the crash again and lead to a sustained DoS. This issue affects Junos OS on MX Series and SRX Series: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R1-S2, 24.2R2.
The advisory is shared at supportportal.juniper.net. The identification of this vulnerability is CVE-2025-30656 since 03/24/2025. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 234087 (Juniper Junos OS Vulnerability (JSA96466)), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R1-S2 or 24.2R2 eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at Tenable (234087). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.juniper.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CNA CVSS-B Score: 🔍
CNA CVSS-BT Score: 🔍
CNA Vector: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 7.3
VulDB Base Score: 7.5
VulDB Temp Score: 7.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CNA Base Score: 7.5
CNA Vector (juniper): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improper handling of additional special elementCWE: CWE-167 / CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 234087
Nessus Name: Juniper Junos OS Vulnerability (JSA96466)
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Junos OS 21.2R3-S9/21.4R3-S10/22.2R3-S6/22.4R3-S5/23.2R2-S3/23.4R2-S3/24.2R1-S2/24.2R2
Timeline
03/24/2025 🔍04/09/2025 🔍
04/09/2025 🔍
01/24/2026 🔍
Sources
Vendor: juniper.netAdvisory: JSA96466
Status: Confirmed
CVE: CVE-2025-30656 (🔍)
GCVE (CVE): GCVE-0-2025-30656
GCVE (VulDB): GCVE-100-304265
Entry
Created: 04/09/2025 22:21Updated: 01/24/2026 06:03
Changes: 04/09/2025 22:21 (79), 04/10/2025 04:32 (2), 01/24/2026 06:03 (1)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.