{"uuid": "14f686c9-7804-4ac8-851a-01c3af63406d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30646", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11160", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30646\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS).\u00a0 Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nWhen an LLDP telemetry subscription is active, receipt of a specifically malformed LLDP TLV causes the l2cpd process to crash and restart.\n\n\n\nThis issue affects:\n\nJunos OS: \n\n\n  *  All versions before 21.2R3-S9,\u00a0\n  *  from 21.4 before 21.4R3-S10,\u00a0\n  *  from 22.2 before 22.2R3-S6,\u00a0\n  *  from 22.4 before 22.4R3-S6,\u00a0\n  *  from 23.2 before 23.2R2-S3,\u00a0\n  *  from 23.4 before 23.4R2-S4,\u00a0\n  *  from 24.2 before 24.2R2;\u00a0\n\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n  *  All versions before 21.4R3-S10-EVO,\n  *  from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n  *  from 22.4-EVO before 22.4R3-S6-EVO,\u00a0\n  *  from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n  *  from 23.4-EVO before 23.4R2-S4-EVO,\u00a0\n  *  from 24.2-EVO before 24.2R2-EVO.\n\ud83d\udccf Published: 2025-04-09T19:53:27.087Z\n\ud83d\udccf Modified: 2025-04-09T20:39:47.342Z\n\ud83d\udd17 References:\n1. https://supportportal.juniper.net/JSA96456", "creation_timestamp": "2025-04-09T20:48:24.000000Z"}