CVE-2025-59969

EUVD-2025-209396

09.04.2026, 22:16

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forwarding toolkit (evo-aftmand/evo-pfemand) of Juniper Networks Junos OS Evolved on PTX Series or QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).An attacker sending crafted multicast packets will cause line cards running evo-aftmand/evo-pfemand to crash and restart or non-line card devices to crash and restart. Continued receipt and processing of these packets will sustain the Denial of Service (DoS) condition.

This issue affects Junos OS Evolved PTX Series:



  *  All versions before 22.4R3-S8-EVO,
  *  from 23.2 before 23.2R2-S5-EVO,
  *  from 23.4 before 23.4R2-EVO,
  *  from 24.2 before 24.2R2-EVO,
  *  from 24.4 before 24.4R2-EVO.




This issue affects Junos OS Evolved on QFX5000 Series:



  *  22.2-EVO version before 22.2R3-S7-EVO,
  *  22.4-EVO version before 22.4R3-S7-EVO,
  *  23.2-EVO versions before 23.2R2-S4-EVO,
  *  23.4-EVO versions before 23.4R2-S5-EVO, 
  *  24.2-EVO versions before 24.2R2-S1-EVO,
  *  24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.


This issue does not affect Junos OS Evolved on QFX5000 Series versions before: 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and 22.1R1-EVO.

Classic Buffer Overflow

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.5 MEDIUM	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References

https://kb.juniper.net/JSA103159