What is the severity of CVE-2025-30647?

CVE-2025-30647 has a severity rating of High due to its potential to cause Denial-of-Service (DoS) by an unauthenticated attacker.

How do I fix CVE-2025-30647?

To address CVE-2025-30647, it is recommended to upgrade to Junos OS version 21.2R3-S10 or later.

Who can exploit CVE-2025-30647?

CVE-2025-30647 can be exploited by unauthenticated adjacent attackers who have access to the affected device.

What systems are affected by CVE-2025-30647?

CVE-2025-30647 affects Juniper Networks Junos OS running on MX Series devices.

What are the potential impacts of CVE-2025-30647?

Exploitation of CVE-2025-30647 may lead to a Denial-of-Service (DoS) condition, impacting network availability.

Vulnerability/
CVE-2025-30647

high

7.1

CWE

401

9/4/2025

11/4/2025

CVE-2025-30647: Junos OS: MX Series: Subscriber login/logout activity will lead to a memory leak

First published: Wed Apr 09 2025(Updated: )

A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario, login/logout activity triggers a memory leak, and the leaked memory gradually increments and eventually results in a crash. user@host> show chassis fpc Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interrupt 1min 5min 15min DRAM (MB) Heap Buffer 2 Online 36 10 0 9 8 9 32768 26 0 This issue affects Junos OS on MX Series: * All versions before 21.2R3-S9 * from 21.4 before 21.4R3-S10 * from 22.2 before 22.2R3-S6 * from 22.4 before 22.4R3-S5 * from 23.2 before 23.2R2-S3 * from 23.4 before 23.4R2-S3 * from 24.2 before 24.2R2.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper JUNOS	<21.2R3-S9>=undefined>=undefined>=undefined>=undefined>=undefined>=undefined

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R2, 24.4R1, and all subsequent releases.

Never miss a vulnerability like this again

Reference Links

https://supportportal.juniper.net/JSA96457

Frequently Asked Questions

What is the severity of CVE-2025-30647?
CVE-2025-30647 has a severity rating of High due to its potential to cause Denial-of-Service (DoS) by an unauthenticated attacker.
How do I fix CVE-2025-30647?
To address CVE-2025-30647, it is recommended to upgrade to Junos OS version 21.2R3-S10 or later.
Who can exploit CVE-2025-30647?
CVE-2025-30647 can be exploited by unauthenticated adjacent attackers who have access to the affected device.
What systems are affected by CVE-2025-30647?
CVE-2025-30647 affects Juniper Networks Junos OS running on MX Series devices.
What are the potential impacts of CVE-2025-30647?
Exploitation of CVE-2025-30647 may lead to a Denial-of-Service (DoS) condition, impacting network availability.

collector/mitre-cve
source/MITRE
agent/title
agent/weakness
agent/references
agent/remedy
agent/type
agent/description
agent/first-publish-date
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/severity
agent/last-modified-date
agent/source
agent/author
agent/tags
agent/event
vendor/juniper networks
canonical/juniper junos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.