CVE-2025-52981

HIGH
Published Jul 11, 2025 Modified Jan 30, 2026 CWE-754

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If a sequence of specific PIM packets is received, this will cause a flowd crash and restart. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This is a similar, but different vulnerability than the issue reported as CVE-2024-47503, published in JSA88133.

Is your site exposed to CVE-2025-52981?

Run a free security scan — no signup, results in seconds.

CVSS v3.1 Score

7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-754 CWE-754

Affected Products

Vendor Product
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper srx1600
juniper srx2300
juniper srx4100
juniper srx4120
juniper srx4200
juniper srx4300
juniper srx4600
juniper srx4700
juniper srx5400
juniper srx5600
juniper srx5800
juniper srx5k-spc3

References

Frequently Asked Questions

What is CVE-2025-52981? +
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If a sequence of specific PIM packets is received, this will cause a flowd crash and restart. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This is a similar, but different vulnerability than the issue reported as CVE-2024-47503, published in JSA88133. It has a CVSS v3.1 base score of 7.5 (HIGH).
How severe is CVE-2025-52981? +
CVE-2025-52981 has a CVSS v3.1 score of 7.5 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.
What products are affected by CVE-2025-52981? +
CVE-2025-52981 affects products from juniper, specifically: junos, srx1600, srx2300, srx4100, srx4120, srx4200, srx4300, srx4600, srx4700, srx5400, srx5600, srx5800, srx5k-spc3. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2025-52981? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2025-52981 — free, no signup required.