{"id":20943,"date":"2025-10-09T22:51:00","date_gmt":"2025-10-09T22:51:00","guid":{"rendered":"http:\/\/localhost\/?p=20943"},"modified":"2025-10-09T22:51:00","modified_gmt":"2025-10-09T22:51:00","slug":"junos-os-evolved-ptx-series-except-ptx10003-an-unauthenticated-adjacent-attacker-sending-specific-va","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=20943","title":{"rendered":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961"},"content":{"rendered":"

{“lastseen”:””,”description”:”An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon\u00a0and the Connectivity Fault Management Manager (cfmman)\u00a0of Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\\n\\nAn attacker on an adjacent device sending specific valid traffic can cause cfmd to spike the CPU to 100% and cfmman’s memory to leak, eventually to cause the FPC crash and restart.\\n\\nContinued receipt and processes of these specific valid packets will sustain the Denial of Service (DoS) condition.\\n\\nAn indicator of compromise is to watch\u00a0for an increase in cfmman memory rising over time by issuing the following command and evaluating the\u00a0RSS\u00a0number.\u00a0If the RSS is growing into GBs then consider restarting the device to temporarily clear memory.\\n \\n\u00a0 user@device\\u003e show system processes node fpc\\u003cnum\\u003e detail | match cfmman\\n\\nExample:\u00a0\\n\\n\u00a0 show system processes node fpc0 detail | match cfmman\u00a0\\n\u00a0 F S UID \u00a0 \u00a0 \u00a0 PID\u00a0 \u00a0 \u00a0 \u00a0PPID PGID \u00a0 SID\u00a0 \u00a0C PRI NI\u00a0 ADDR SZ\u00a0 \u00a0 WCHAN \u00a0 RSS\u00a0 \u00a0 \u00a0PSR STIME TTY \u00a0 \u00a0 \u00a0 \u00a0 TIME\u00a0 \u00a0 \u00a0CMD\\n\u00a0 4 S root\u00a0 \u00a0 \u00a0 15204 \u00a0 \u00a0 1\u00a0 \u00a0 15204\u00a0 15204 0 80\u00a0 0\u00a0 \u00a0– 90802\u00a0 \u00a0 \u00a0–\u00a0 \u00a0 \u00a0 113652\u00a0 \u00a04\u00a0 Sep25 ?\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a000:15:28 \/usr\/bin\/cfmman -p \/var\/pfe -o -c \/usr\/conf\/cfmman-cfg-active.xml\\nThis issue affects Junos OS Evolved on\u00a0PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016:\\n\\n * from 23.2R1-EVO before 23.2R2-S4-EVO, \\n * from 23.4 before 23.4R2-S4-EVO, \\n * from 24.2 before 24.2R2-EVO, \\n * from 24.4 before 24.4R1-S2-EVO, 24.4R2-EVO.\\n\\n\\nThis issue does not affect Junos OS Evolved on\u00a0PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016 before 23.2R1-EVO.”,”published”:”2025-10-09T15:40:52.572Z”,”modified”:”2025-10-09T19:49:35.262Z”,”type”:”cve”,”title”:”Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart”,”source”:”juniper”,”references”:”https:\/\/supportportal.juniper.net\/JSA103144\\nhttps:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/network-mgmt\/topics\/topic-map\/cfm-configuring.html”,”id”:”CVE-2025-52961″,”bulletinFamily”:””,”cwe”:[“CWE-400″],”cvelist”:null,”sourceData”:”Juniper Networks Junos OS Evolved 23.2R1-EVO\\nJuniper Networks Junos OS Evolved 23.4-EVO\\nJuniper Networks Junos OS Evolved 24.2-EVO\\nJuniper Networks Junos OS Evolved 24.4-EVO”,”sourceHref”:””,”cvss”:{“score”:6.5,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Junos OS Evolved”,”version”:”23.2R1-EVO”,”vendor”:”Juniper Networks”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon\u00a0and the Connectivity Fault Management Manager (cfmman)\u00a0of Juniper Networks Junos OS Evolved on PTX10001-36MR,…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,26,12,21,13,7,11,5],"class_list":["post-20943","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-65","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nJunos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=20943\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon\u00a0and the Connectivity Fault Management Manager (cfmman)\u00a0of Juniper Networks Junos OS Evolved on PTX10001-36MR,...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=20943\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-09T22:51:00+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961\",\"datePublished\":\"2025-10-09T22:51:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943\"},\"wordCount\":482,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-6.5\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20943#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943\",\"name\":\"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-10-09T22:51:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20943\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20943#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=20943","og_locale":"en_US","og_type":"article","og_title":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem","og_description":"{“lastseen”:””,”description”:”An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management (CFM) daemon\u00a0and the Connectivity Fault Management Manager (cfmman)\u00a0of Juniper Networks Junos OS Evolved on PTX10001-36MR,...","og_url":"https:\/\/zero.redgem.net\/?p=20943","og_site_name":"zero redgem","article_published_time":"2025-10-09T22:51:00+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=20943#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=20943"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961","datePublished":"2025-10-09T22:51:00+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=20943"},"wordCount":482,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-6.5","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=20943#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=20943","url":"https:\/\/zero.redgem.net\/?p=20943","name":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-10-09T22:51:00+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=20943#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=20943"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=20943#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart_CVE-2025-52961"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20943","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=20943"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20943\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=20943"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=20943"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=20943"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}