CVE-2025-59967

Summary

A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a

Denial-of-Service (DoS).

Whenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts.

Continued receipt of specific valid multicast traffic results in a sustained Denial of Service (DoS) attack. This issue affects Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: 

  • from 23.2R2-EVO before 23.2R2-S4-EVO, 
  • from 23.4R1-EVO before 23.4R2-EVO.

This issue affects IPv4 and IPv6.

This issue does not affect Junos OS Evolved ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 versions before 23.2R2-EVO.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS Evolved23.2R2-EVO < 23.2R2-S4-EVOaffected
Juniper NetworksJunos OS Evolved23.4R1-EVO < 23.4R2-EVOaffected

Weaknesses

  • CWE-476: CWE-476: NULL Pointer Dereference

Workarounds

There are no known workarounds for this issue. To reduce the risk of exploitation, enable access control lists (ACLs) and other filtering mechanisms to limit access to the device only from trusted hosts.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References