CVE-2025-52981

HIGH

Juniper Junos < 21.2 - Improper Condition Check

Title source: rule

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If a sequence of specific PIM packets is received, this will cause a flowd crash and restart. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This is a similar, but different vulnerability than the issue reported as CVE-2024-47503, published in JSA88133.

References (1)

[Vendor Advisory] https://supportportal.juniper.net/JSA100087

Scores

CVSS v3 7.5

EPSS 0.0011

EPSS Percentile 29.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-754

Status published

Products (4)

juniper/junos 21.2 (16 CPE variants)

juniper/junos 21.4 (18 CPE variants)

juniper/junos 22.2 (14 CPE variants)

juniper/junos 22.4 (2 CPE variants)

Published Jul 11, 2025

Tracked Since Feb 18, 2026