Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-52980
PUBLISHED
More InfoOfficial Page
Assigner-juniper
Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968
View Known Exploited Vulnerability (KEV) details
Published At-11 Jul, 2025 | 15:08
Updated At-15 Jul, 2025 | 19:55
Rejected At-
▼CVE Numbering Authority (CNA)
Junos OS: SRX300 Series: rpd will crash upon receiving a specific, valid BGP UPDATE message

A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a BGP update is received over an established BGP session which contains a specific, valid, optional, transitive path attribute, rpd will crash and restart. This issue affects eBGP and iBGP over IPv4 and IPv6. This issue affects: Junos OS: * 22.1 versions from 22.1R1 before 22.2R3-S4, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3-S2, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2.

Affected Products
Vendor
Juniper Networks, Inc.Juniper Networks
Product
Junos OS
Platforms
  • SRX300 Series
Default Status
unaffected
Versions
Affected
  • From 22.2 before 22.2R3-S4 (semver)
  • From 22.3 before 22.3R3-S3 (semver)
  • From 22.4 before 22.4R3-S2 (semver)
  • From 23.2 before 23.2R2 (semver)
  • From 23.4 before 23.4R2 (semver)
Unaffected
  • From 0 before 22.1R1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-198CWE-198 Use of Incorrect Byte Ordering
Type: CWE
CWE ID: CWE-198
Description: CWE-198 Use of Incorrect Byte Ordering
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The following software releases have been updated to resolve this specific issue: Junos OS: 22.2R3-S4, 22.3R3-S3, 22.4R3-S2, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.

Configurations

To be exposed to this issue the device needs to be configure to process incoming domain-path-id attributes via: [ protocols bgp ... domain-path-id receive ] Please note that Junos versions before 22.3R3-S3, 22.4R3, 22.4R3-S1, 23.2R2, 23.3R2 and 23.4R1 accept this attribute by default.

Workarounds

There are no known workarounds for this issue.

Exploits

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://supportportal.juniper.net/JSA100084
vendor-advisory
Hyperlink: https://supportportal.juniper.net/JSA100084
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found