Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2025-52980

A Use of Incorrect Byte Ordering

vulnerability

in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

When a BGP update is received over an established BGP session which contains a specific, valid, optional, transitive path attribute, rpd will crash and restart.

This issue affects eBGP and iBGP over IPv4 and IPv6.

This issue affects:

Junos OS:

22.1 versions from 22.1R1 before 22.2R3-S4,
22.3 versions before 22.3R3-S3,
22.4 versions before 22.4R3-S2,
23.2 versions before 23.2R2,
23.4 versions before 23.4R2.

Published: Jul 11, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-52980
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-198

Affected Software
References

No affected software listed.

https://supportportal.juniper.net/JSA100084

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo