Impact
An improperly validated SSL packet received by the UTM Web-Filtering module of Juniper Networks Junos OS can trigger a crash of the Forwarding Plane Cache (FPC) and force a device restart, thereby disrupting network connectivity for anyone relying on the SRX router. The flaw resides in the syntactic validation of input data; a specifically malformed SSL packet can overwrite or corrupt memory used by the FPC, leading to a denial‑of‑service condition. Because this crash occurs during normal packet processing, any attacker able to send traffic to the filtered port can potentially cause the outage with no authentication required.
Affected Systems
The vulnerability affects Juniper Networks Junos OS running on the SRX Series, including models SRX1500, SRX1600, SRX2300, SRX300, SRX320, SRX340, SRX345, SRX380, SRX4100, SRX4120, SRX4200, SRX4300, SRX4600, SRX4700, SRX5400, SRX5600, and SRX5800. Versions of Junos OS up to 23.2R2-S4, 23.4R2-S4, 24.2R2-S1, 24.4R1-S2, 24.4R2 and earlier are impacted; the flaw is patched in 23.2R2-S5, 23.4R2-S5, 24.2R2-S2, 24.4R1-S3, 24.4R2, 25.2R1 and all subsequent releases.
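To triage an inventory against the patched releases listed above, the following added example (not code from Juniper or from this advisory) classifies a Junos version string by release train. It assumes trains older than the first listed one are affected and trains newer than 25.2 are fixed, as the text states; it checks the version only, not whether UTM Web-Filtering is enabled, and the hostnames are constructed.

```python
import re

# Fixed releases exactly as listed in the advisory text above.
FIXED_RELEASES = ["23.2R2-S5", "23.4R2-S5", "24.2R2-S2",
                  "24.4R1-S3", "24.4R2", "25.2R1"]

_VERSION = re.compile(r"(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")


def parse_junos(version):
    """Return ((major, minor), (R, S)) for strings like '23.4R2-S4.11'."""
    # Advisory pages often typeset versions with U+2011 (non-breaking hyphen).
    m = _VERSION.match(version.strip().replace("\u2011", "-"))
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor)), (int(rel), int(svc or 0))


def first_fixed_by_train():
    """Map each release train to its earliest fixed (R, S) pair."""
    table = {}
    for text in FIXED_RELEASES:
        train, rel = parse_junos(text)
        table[train] = min(rel, table.get(train, rel))
    return table


def junos_status(version):
    """Classify a running version as 'affected', 'fixed' or 'unknown'."""
    train, rel = parse_junos(version)
    table = first_fixed_by_train()
    if train in table:
        return "fixed" if rel >= table[train] else "affected"
    if train < min(table):
        return "affected"   # older trains: "and earlier" in the advisory
    if train > max(table):
        return "fixed"      # "all subsequent releases"
    return "unknown"        # train not named on the page; check the vendor bulletin


if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are sample values.
    inventory = {"edge-fw1": "23.4R2-S4.11", "edge-fw2": "24.4R1-S3",
                 "branch-fw": "22.4R3-S6", "dc-fw": "25.2R1"}
    for host, ver in inventory.items():
        print(f"{host:10} {ver:14} {junos_status(ver)}")
```

A result of `unknown` means the release train is not named on this page and should be checked against the vendor bulletin directly.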
Risk and Exploitability
The CVSS score of 8.7 classifies this as high-severity due to its denial-of-service impact and lack of authentication. EPSS is reported as less than 1%, so the probability of exploitation in the wild is currently low, though the vector is simple: an unauthenticated attacker can craft a malformed SSL packet and send it over the network. The issue is not listed in the CISA KEV catalog, indicating that no publicly documented exploit exists at this time. Nevertheless, because the flaw can bring the device down without any user interaction, organizations should consider it a significant risk, especially in environments where the SRX handles critical traffic.