CVE-2025-59969 - Vulnerability Details

CVE-2025-59969 - Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forwarding toolkit (evo-aftmand/evo-pfemand) of Juniper Networks Junos OS Evolved on PTX Series or QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).An attacker sending crafted multicast packets will cause line cards running evo-aftmand/evo-pfemand to crash and restart or non-line card devices to crash and restart. Continued receipt and processing of these packets will sustain the Denial of Service (DoS) condition. This issue affects Junos OS Evolved PTX Series: * All versions before 22.4R3-S8-EVO, * from 23.2 before 23.2R2-S5-EVO, * from 23.4 before 23.4R2-EVO, * from 24.2 before 24.2R2-EVO, * from 24.4 before 24.4R2-EVO. This issue affects Junos OS Evolved on QFX5000 Series: * 22.2-EVO version before 22.2R3-S7-EVO, * 22.4-EVO version before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S4-EVO, * 23.4-EVO versions before 23.4R2-S5-EVO, * 24.2-EVO versions before 24.2R2-S1-EVO, * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO. This issue does not affect Junos OS Evolved on QFX5000 Series versions before: 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and 22.1R1-EVO.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Juniper	Junos Os Evolved Ptx10001-36mr Ptx10002-36qdd Ptx10003 Ptx10004 Ptx10008 Ptx10016 Ptx12008 Qfx5110 Qfx5120 Qfx5130 Qfx5200 Qfx5210 Qfx5220 Qfx5230-64cd Qfx5240 Qfx5241 Qfx5700
Juniper Networks	Junos Os Evolved

Configuration 1 [-]

AND

OR	cpe:2.3:o:juniper:junos_os_evolved::::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s7::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s3::::::

OR	cpe:2.3:h:juniper:ptx10001-36mr:-:::::::*
	cpe:2.3:h:juniper:ptx10002-36qdd:-:::::::*
	cpe:2.3:h:juniper:ptx10003:-:::::::*
	cpe:2.3:h:juniper:ptx10004:-:::::::*
	cpe:2.3:h:juniper:ptx10008:-:::::::*
	cpe:2.3:h:juniper:ptx10016:-:::::::*
	cpe:2.3:h:juniper:ptx12008:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:juniper:junos_os_evolved:22.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s5::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s6::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:24.4:r2::::::

OR	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5130:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5220:-:::::::*
	cpe:2.3:h:juniper:qfx5230-64cd:-:::::::*
	cpe:2.3:h:juniper:qfx5240:-:::::::*
	cpe:2.3:h:juniper:qfx5241:-:::::::*
	cpe:2.3:h:juniper:qfx5700:-:::::::*

No data.

References

Link	Providers
https://kb.juniper.net/JSA103159

History

Tue, 28 Apr 2026 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Juniper junos Os Evolved Juniper ptx10001-36mr Juniper ptx10002-36qdd Juniper ptx10003 Juniper ptx10004 Juniper ptx10008 Juniper ptx10016 Juniper ptx12008 Juniper qfx5110 Juniper qfx5120 Juniper qfx5130 Juniper qfx5200 Juniper qfx5210 Juniper qfx5220 Juniper qfx5230-64cd Juniper qfx5240 Juniper qfx5241 Juniper qfx5700
CPEs		cpe:2.3:h:juniper:ptx10001-36mr:-:::::::* cpe:2.3:h:juniper:ptx10002-36qdd:-:::::::* cpe:2.3:h:juniper:ptx10003:-:::::::* cpe:2.3:h:juniper:ptx10004:-:::::::* cpe:2.3:h:juniper:ptx10008:-:::::::* cpe:2.3:h:juniper:ptx10016:-:::::::* cpe:2.3:h:juniper:ptx12008:-:::::::* cpe:2.3:h:juniper:qfx5110:-:::::::* cpe:2.3:h:juniper:qfx5120:-:::::::* cpe:2.3:h:juniper:qfx5130:-:::::::* cpe:2.3:h:juniper:qfx5200:-:::::::* cpe:2.3:h:juniper:qfx5210:-:::::::* cpe:2.3:h:juniper:qfx5220:-:::::::* cpe:2.3:h:juniper:qfx5230-64cd:-:::::::* cpe:2.3:h:juniper:qfx5240:-:::::::* cpe:2.3:h:juniper:qfx5241:-:::::::* cpe:2.3:h:juniper:qfx5700:-:::::::* cpe:2.3:o:juniper:junos_os_evolved:::::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s5:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s6:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s7:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:24.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:24.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:24.4:r2::::::
Vendors & Products		Juniper Juniper junos Os Evolved Juniper ptx10001-36mr Juniper ptx10002-36qdd Juniper ptx10003 Juniper ptx10004 Juniper ptx10008 Juniper ptx10016 Juniper ptx12008 Juniper qfx5110 Juniper qfx5120 Juniper qfx5130 Juniper qfx5200 Juniper qfx5210 Juniper qfx5220 Juniper qfx5230-64cd Juniper qfx5240 Juniper qfx5241 Juniper qfx5700

Fri, 10 Apr 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 10 Apr 2026 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Networks Juniper Networks junos Os Evolved
Vendors & Products		Juniper Networks Juniper Networks junos Os Evolved

Thu, 09 Apr 2026 21:45:00 +0000

Type	Values Removed	Values Added
Description		A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forwarding toolkit (evo-aftmand/evo-pfemand) of Juniper Networks Junos OS Evolved on PTX Series or QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).An attacker sending crafted multicast packets will cause line cards running evo-aftmand/evo-pfemand to crash and restart or non-line card devices to crash and restart. Continued receipt and processing of these packets will sustain the Denial of Service (DoS) condition. This issue affects Junos OS Evolved PTX Series: * All versions before 22.4R3-S8-EVO, * from 23.2 before 23.2R2-S5-EVO, * from 23.4 before 23.4R2-EVO, * from 24.2 before 24.2R2-EVO, * from 24.4 before 24.4R2-EVO. This issue affects Junos OS Evolved on QFX5000 Series: * 22.2-EVO version before 22.2R3-S7-EVO, * 22.4-EVO version before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S4-EVO, * 23.4-EVO versions before 23.4R2-S5-EVO, * 24.2-EVO versions before 24.2R2-S1-EVO, * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO. This issue does not affect Junos OS Evolved on QFX5000 Series versions before: 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and 22.1R1-EVO.
Title		Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart
Weaknesses		CWE-120
References		https://kb.juniper.net/JSA103159
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}` cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/V:C/RE:M/U:Amber'}`

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2026-04-09T21:25:32.594Z

Updated: 2026-04-10T18:15:06.090Z

Reserved: 2025-09-23T18:19:06.955Z

Link: CVE-2025-59969

Vulnrichment

Updated: 2026-04-10T18:14:59.685Z

NVD

Status : Analyzed

Published: 2026-04-09T22:16:24.100

Modified: 2026-04-28T20:18:35.763

Link: CVE-2025-59969

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object