GHSA-43J4-83FV-5VCM

Vulnerability from github – Published: 2025-10-09 18:30 – Updated: 2025-12-01 09:30
VLAI?
Details

A Buffer Copy without Checking Size of Input vulnerability in the

Session Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

When memory utilization is high, and specific SIP packets are received, flowd crashes. While the system recovers automatically, the disruption can significantly impact service stability. Continuous receipt of these specific SIP packets, while high utilization is present, will cause a sustained DoS condition. The utilization is outside the attackers control, so they would not be able to deterministically exploit this. This issue affects Junos OS on SRX Series and MX Series: 

  • All versions before 22.4R3-S7,
  • from 23.2 before 23.2R2-S4,
  • from 23.4 before 23.4R2-S5,
  • from 24.2 before 24.2R2.
Severity ?
5.9 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.2 (High)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M
Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-52960"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-09T16:15:45Z",
    "severity": "HIGH"
  },
  "details": "A Buffer Copy without Checking Size of Input vulnerability in the \n\nSession Initialization Protocol (SIP) ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen memory utilization is high, and specific SIP\u00a0packets are received, flowd crashes. While the system recovers automatically, the disruption can significantly impact service stability. Continuous receipt of these specific SIP packets, while high utilization is present, will cause a sustained DoS condition. The utilization is outside the attackers control, so they would not be able to deterministically exploit this.\nThis issue affects Junos OS on SRX Series and MX Series:\u00a0\n\n\n  *  All versions before 22.4R3-S7,\n  *  from 23.2 before 23.2R2-S4, \n  *  from 23.4 before 23.4R2-S5, \n  *  from 24.2 before 24.2R2.",
  "id": "GHSA-43j4-83fv-5vcm",
  "modified": "2025-12-01T09:30:26Z",
  "published": "2025-10-09T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52960"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA103143"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA103143"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
      "type": "CVSS_V4"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.