Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-30649

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs. Continued receipt and processing of these specific packets will sustain the DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R1-S2, 24.2R2 An indicator of compromise will indicate the SPC3 SPUs utilization has spiked. For example:     user@device> show services service-sets summary Service sets CPU Interface configured Bytes used Session bytes used Policy bytes used utilization "interface" 1 "bytes" (percent%) "sessions" ("percent"%) "bytes" ("percent"%) 99.97 % OVLD <<<<<< look for high CPU usage
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-30649
  • Juniper » Mx-Spc3 » Version: N/A
    cpe:2.3:h:juniper:mx-spc3:-
  • Juniper » Mx240 » Version: N/A
    cpe:2.3:h:juniper:mx240:-
  • Juniper » Mx480 » Version: N/A
    cpe:2.3:h:juniper:mx480:-
  • Juniper » Mx960 » Version: N/A
    cpe:2.3:h:juniper:mx960:-
  • Juniper » Junos » Version: Any
    cpe:2.3:o:juniper:junos:*
  • Juniper » Junos » Version: 22.2
    cpe:2.3:o:juniper:junos:22.2
  • Juniper » Junos » Version: 22.4
    cpe:2.3:o:juniper:junos:22.4
  • Juniper » Junos » Version: 23.2
    cpe:2.3:o:juniper:junos:23.2
  • Juniper » Junos » Version: 23.4
    cpe:2.3:o:juniper:junos:23.4
  • Juniper » Junos » Version: 24.2
    cpe:2.3:o:juniper:junos:24.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved