How to fix CVE-2025-52981?

Within 24 hours: Inventory all SRX1600, SRX2300, SRX4000, and SRX5000 Series devices with SPC3 cards and identify which are running vulnerable versions. Implement network-level PIM packet filtering if not business-critical. Within 7 days: Establish a patching priority list and contact Juniper for patch availability timelines; consider isolating critical SRX devices from untrusted networks. Within 30 days: Apply vendor patches immediately upon release; test thoroughly in non-production environments before production deployment.

Is Junos affected by CVE-2025-52981?

Juniper SRX Series firewalls are vulnerable to a network-based denial-of-service attack triggered by specially crafted PIM packets, causing the flow processing daemon to crash and restart.

CVE-2025-52981

EUVD-2025-21149 HIGH

2025-07-11 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 08:18 euvd

EUVD-2025-21149

Analysis Generated

Mar 16, 2026 - 08:18 vuln.today

CVE Published

Jul 11, 2025 - 16:15 nvd

HIGH 7.5

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If a sequence of specific PIM packets is received, this will cause a flowd crash and restart. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This is a similar, but different vulnerability than the issue reported as CVE-2024-47503, published in JSA88133.

Analysis

A denial of service vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Technical Context

Vulnerability type: denial of service. CVSS 7.5 indicates high severity.

Affected Products

['Unspecified product']

Remediation

Monitor vendor channels for patch availability.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +38

POC: 0

CVE-2025-52981 vulnerability details – vuln.today

Back

CVE-2025-52981

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-52981

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code