CVE-2025-52960

HIGH EPSS 21.9%
Published Oct 9, 20258mo ago · Modified Jun 17, 20261w ago
8.2 CVSS 4.0
High
Find Similar
Published Oct 9, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When memory utilization is high, and specific SIP packets are received, flowd/mspmand crashes. While the system recovers automatically, the disruption can significantly impact service stability. Continuous receipt of these specific SIP packets, while high utilization is present, will cause a sustained DoS condition. The utilization is outside the attackers control, so they would not be able to deterministically exploit this. This issue affects Junos OS on SRX Series and MX Series:  * All versions before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2.

CVSS Details

Base Score
8.2
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
21.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-120

Affected Products 63

VendorProductVersionRange
juniperjunos* <22.4
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos24.2any
juniperjunos24.2any
juniperjunos24.2any
juniperjunos24.2any
junipermx10004*any
junipermx10008*any
junipermx2008*any
junipermx2010*any
junipermx2020*any
junipermx204*any
junipermx240*any
junipermx304*any
junipermx480*any
junipermx960*any
junipersrx1500*any
junipersrx1600*any
junipersrx2300*any
junipersrx300*any
junipersrx320*any
junipersrx340*any
junipersrx345*any
junipersrx380*any
junipersrx4100*any
junipersrx4120*any
junipersrx4200*any
junipersrx4300*any
junipersrx4600*any
junipersrx4700*any
junipersrx5400*any
junipersrx5600*any
junipersrx5800*any

References 2

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.