Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-59967

Опубликовано: 09 окт. 2025
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a

Denial-of-Service (DoS).

Whenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts.

Continued receipt of specific valid multicast traffic results in a sustained Denial of Service (DoS) attack. This issue affects Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: 

  • from 23.2R2-EVO before 23.2R2-S4-EVO, 
  • from 23.4R1-EVO before 23.4R2-EVO.

This issue affects IPv4 and IPv6.

This issue does not affect Junos OS Evolved ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 versions before 23.2R2-EVO.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*

Одно из

cpe:2.3:h:juniper:acx7024:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7024x:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7100-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7100-48l:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7348:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7509:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%
0.00021
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

github логотип

GHSA-v9vh-vj86-fh3j

CVSS3: 6.5
github
4 месяца назад

A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Whenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts. Continued receipt of specific valid multicast traffic results in a sustained Denial of Service (DoS) attack. This issue affects Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509:  * from 23.2R2-EVO before 23.2R2-S4-EVO,  * from 23.4R1-EVO before 23.4R2-EVO. This issue affects IPv4 and IPv6. This issue does not affect Junos OS Evolved ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 versions before 23.2R2-EVO.

EPSS

Процентиль: 5%
0.00021
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-476