Vulnerability Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. When this issue occurs the following logs can be observed: <fpc #> MQSS(0): LI-3: Received a parcel with more than 512B accompanying data CHASSISD_FPC_ASIC_ERROR: ASIC Error detected <...> This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S8, * 22.2 versions before 22.2R3-S4, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S2, * 23.4 versions before 23.4R2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | < 21.2 |
| Juniper | Mx10004 | - |
| Juniper | Mx10008 | - |
| Juniper | Mx2008 | - |
| Juniper | Mx2010 | - |
| Juniper | Mx2020 | - |
| Juniper | Mx204 | - |
| Juniper | Mx240 | - |
| Juniper | Mx304 | - |
| Juniper | Mx480 | - |
| Juniper | Mx960 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA96471Vendor Advisory
FAQ
What is CVE-2025-30660?
CVE-2025-30660 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker ...
How severe is CVE-2025-30660?
CVE-2025-30660 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-30660?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Mx10004, Juniper Mx10008, Juniper Mx2008, Juniper Mx2010.