CVE-2025-30657

CVE-2025-30657 is a medium-severity vulnerability in Juniper Junos with a CVSS 3.x base score of 5.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-116.

Key facts

Description

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R1-S2, 23.2R2. This issue does not affected Junos OS Evolved.

Frequently asked questions

What is CVE-2025-30657?
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R1-S2, 23.2R2. This issue does not affected Junos OS Evolved.
How severe is CVE-2025-30657?
CVE-2025-30657 has a CVSS 3.x base score of 5.3, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability low.
Is CVE-2025-30657 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (28th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2025-30657?
CVE-2025-30657 primarily affects Juniper Junos. In total, 58 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2025-30657?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2025-30657 have an EU (EUVD) identifier?
Yes. CVE-2025-30657 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-10512.
When was CVE-2025-30657 published?
CVE-2025-30657 was published on 2025-04-09 and last updated on 2026-06-17.

References

Affected products (58)

More vulnerabilities in Juniper Junos

All CVEs affecting Juniper Junos →

Other CWE-116 vulnerabilities

Browse all CWE-116 vulnerabilities →