Vulnerability Description
An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs. Continued receipt and processing of these specific packets will sustain the DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R1-S2, 24.2R2 An indicator of compromise will indicate the SPC3 SPUs utilization has spiked. For example: user@device> show services service-sets summary Service sets CPU Interface configured Bytes used Session bytes used Policy bytes used utilization "interface" 1 "bytes" (percent%) "sessions" ("percent"%) "bytes" ("percent"%) 99.97 % OVLD <<<<<< look for high CPU usage
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | < 22.2 |
| Juniper | Mx-Spc3 | - |
| Juniper | Mx240 | - |
| Juniper | Mx480 | - |
| Juniper | Mx960 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA96459Vendor Advisory
FAQ
What is CVE-2025-30649?
CVE-2025-30649 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticat...
How severe is CVE-2025-30649?
CVE-2025-30649 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-30649?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Mx-Spc3, Juniper Mx240, Juniper Mx480, Juniper Mx960.