CVE-2025-30645

HIGH EPSS 25.9%

Published Apr 9, 20251y ago · Modified Jun 17, 20261w ago

8.7 CVSS 4.0

High

Published Apr 9, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS). Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition. On all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a segmentation fault occurs within the flowd process, resulting in a network outage until the flowd process restarts. This issue affects Junos OS on SRX Series: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2.

CVSS Details

Base Score

8.7

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

25.9% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 86

Vendor	Product	Version	Range
juniper	junos	*	<21.2
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.2	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	21.4	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.2	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	srx1500	*	any
juniper	srx1600	*	any
juniper	srx2300	*	any
juniper	srx300	*	any
juniper	srx320	*	any
juniper	srx340	*	any
juniper	srx345	*	any
juniper	srx380	*	any
juniper	srx4100	*	any
juniper	srx4120	*	any
juniper	srx4200	*	any
juniper	srx4300	*	any
juniper	srx4600	*	any
juniper	srx4700	*	any
juniper	srx5400	*	any
juniper	srx5600	*	any
juniper	srx5800	*	any

References 1

supportportal.juniper.net https://supportportal.juniper.net/JSA96455

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.