Key Vulnerability Information

CVE ID: CVE-2025-52952
Affected product: Junos OS All versions before 22.2R3-S1, 22.4
Affected platforms: MX Series with MPC-BUILTIN, MPC1 through MPC9
Severity: Medium
CVSS scores:
- CVSS v3.1: 6.5 (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
- CVSS v4.0: 7.1 (AV:A/AC:L/ATN:PRC/UI:N/V:C/N:V/I:N/A:H/SC:N/SIN:SA/L:AU:Y/R:A/VC:RE:M/U:Green)

Problem Description

Vulnerability type: Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon
Impact: An unauthorized adjacent attacker can send a malformed packet to the device, causing an FPC crash and restart, leading to a Denial of Service (DoS).
Sustained impact: Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.

Solution

Fixed releases: Junos OS: 22.2R3-S1, 22.4R2, 23.2R1, and all subsequent releases.
Tracking number: 1726141

Other Information

Workarounds: No known workarounds for this issue.
Related links:
- KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin Publication Process
- KB16765: In which releases are vulnerabilities fixed?
- KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories
- Report a Security Vulnerability
- How to Contact the Juniper Networks Security Incident Response Team
- https://www.cve.org/CVERecord?id=CVE-2025-52952