CVE-2025-30649 Information

Description

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240 MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated network-based attacker to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs.

Continued receipt and processing of these specific packets will sustain the DoS condition.

This issue affects Junos OS: All versions before 22.2R3-S6 from 22.4 before 22.4R3-S4 from 23.2 before 23.2R2-S3 from 23.4 before 23.4R2-S4 from 24.2 before 24.2R1-S2 24.2R2

An indicator of compromise will indicate the SPC3 SPUs utilization has spiked.

For example:     user@device> show services service-sets summary Service sets CPU Interface configured Bytes used Session bytes used Policy bytes used utilization \interface\ 1 ytes\ (percent%) \sessions\ (\percent%) ytes\ (\percent%) 99.97 % OVLD ««« look for high CPU usage

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://supportportal.juniper.net/JSA96459

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5