CVE-2025-59964

09.10.2025, 16:15

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX4700devices allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

When forwarding-options samplingis enabled, receiptof any traffic destined to the Routing Engine (RE) by the PFE line cardleads to an FPC crash and restart, resulting in a Denial of Service (DoS). 

Continued receipt and processing of any traffic leading to the RE by the PFE line card will create a sustained Denial of Service (DoS) condition to the PFE line card.


This issue affectsJunos OS on SRX4700:



  *  from 24.4 before 24.4R1-S3, 24.4R2


This issue affects IPv4 and IPv6.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.

Vulnerability Media Exposure

[GERMAN] Juniper JUNOS OS, Space, OS Evolved: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.
Published: 2025-10-08T22:00:00+00:00

References

https://supportportal.juniper.net/JSA103153

https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/sampling-edit-forwarding-options.html