CVE-2025-52982

Junos OS: MX Series: When specific SIP packets are processed the MS-MPC will crash

Description

An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an MX Series device with an MS-MPC is configured with two or more service sets which are both processing SIP calls, a specific sequence of call events will lead to a crash and restart of the MS-MPC. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions from 21.4R1, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6. As the MS-MPC is EoL after Junos OS 22.4, later versions are not affected. This issue does not affect MX-SPC3 or SRX Series devices.

Remediation

Solution:

  • The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 22.2R3-S6, 22.4R3-S6, and all subsequent releases.

Workaround:

  • There are no known workarounds for this issue. To reduce the risk of exploitation customers not requiring the SIP ALG functionality could explicitly disable it (in case it's by default enabled) by configuring: [ security alg sip disable ]

Category

8.2
CVSS
Severity: High
CVSS 4.0 •
CVSS 3.1 •
Vendor Advisory juniper.net
Affected: Juniper Networks Junos OS
Published at:
Updated at:

References

Link Tags
https://supportportal.juniper.net/JSA100088 vendor advisory

Frequently Asked Questions

What is the severity of CVE-2025-52982?
CVE-2025-52982 has been scored as a high severity vulnerability.
How to fix CVE-2025-52982?
To fix CVE-2025-52982: The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 22.2R3-S6, 22.4R3-S6, and all subsequent releases.
Is CVE-2025-52982 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-52982 is being actively exploited.
What software or system is affected by CVE-2025-52982?
CVE-2025-52982 affects Juniper Networks Junos OS.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.