CVE-2025-52955 is a medium-severity vulnerability affecting Juniper Networks Junos OS and Junos OS Evolved, specifically within the routing protocol daemon (rpd). The root cause is an incorrect calculation of buffer size (CWE-131) when processing updates related to logical interfaces that use routing instances and flap continuously. This flaw leads to memory corruption in the jflow/sflow modules, causing the rpd process to crash and subsequently restart. If the attacker continues to send these specific updates, it results in a sustained Denial of Service (DoS) condition by repeatedly crashing the rpd. The vulnerability can be exploited by an adjacent unauthenticated attacker, meaning the attacker must be on the same or directly connected network segment but does not require any authentication or user interaction. The affected Junos OS versions include all versions before 21.2R3-S9, all versions of 21.4 and 22.2, and certain subversions of 22.4, 23.2, 23.4, and 24.2. Similarly, Junos OS Evolved versions from 21.2-EVO through 24.2-EVO are affected in comparable version ranges. The CVSS v3.1 base score is 6.5, reflecting a medium severity with an attack vector of adjacent network, low attack complexity, no privileges required, no user interaction, and impact limited to availability (no confidentiality or integrity impact). No known exploits are currently reported in the wild, and no patches are linked in the provided data, indicating organizations should monitor vendor advisories closely for updates. This vulnerability primarily threatens network availability by causing routing daemon crashes, which can disrupt routing and traffic flow in affected Juniper network devices.

For European organizations, the impact of CVE-2025-52955 can be significant, particularly for those relying on Juniper Networks infrastructure for core routing and network management. The rpd crash leads to routing disruptions and potential network outages, which can affect business continuity, especially in sectors requiring high network availability such as finance, telecommunications, healthcare, and critical infrastructure. Since the attack requires adjacency, it is most relevant in environments where untrusted or semi-trusted devices share the same Layer 2 domain or where network segmentation is weak. Sustained DoS conditions could degrade service quality or cause intermittent outages, impacting operational efficiency and potentially violating regulatory requirements for network uptime and data availability. Although confidentiality and integrity are not directly impacted, the availability disruption could indirectly affect services dependent on network stability. European organizations with extensive Juniper deployments in data centers, ISPs, or enterprise WANs should prioritize addressing this vulnerability to avoid service degradation or outages.

1. Immediate mitigation should include network segmentation and strict access control to limit adjacency to trusted devices only, reducing the attack surface. 2. Monitor network interfaces for frequent logical interface flapping and investigate unusual update traffic patterns targeting jflow/sflow modules. 3. Apply vendor-released patches or updates as soon as they become available to address the buffer size calculation flaw. 4. Implement rate limiting or filtering on routing protocol update messages where possible to prevent flooding with malicious updates. 5. Use network anomaly detection tools to identify repeated rpd crashes or unusual routing daemon restarts indicative of exploitation attempts. 6. Maintain up-to-date inventory of Junos OS versions deployed and prioritize upgrades for affected versions. 7. Engage with Juniper support for any available workarounds or hotfixes if immediate patching is not feasible. 8. Conduct regular vulnerability assessments and penetration tests focusing on network layer protocols to detect potential exploitation vectors.