Main Vulnerability Database Vulnerabilities #VU116940

Resource exhaustion in Junos OS Evolved - CVE-2025-52961

Published: October 13, 2025

Vulnerability identifier: #VU116940

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-52961

CWE-ID: CWE-400

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: Juniper Networks, Inc.

Affected software:
Junos OS Evolved

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper control for consumption of internal resources in the Connectivity Fault Management (CFM) daemon and the Connectivity Fault Management Manager (cfmman). A remote attacker on the local network can trigger resource exhaustion by sending specialy crafted traffic and perform a denial of service (DoS) attack.

The vulnerability affects the following platforms: PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016.

How to mitigate CVE-2025-52961

Install updates from vendor's website.

Sources

https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961

Resource exhaustion in Junos OS Evolved - CVE-2025-52961

Detailed vulnerability description

How to mitigate CVE-2025-52961

Sources

Please verify you're human