Impact
A missing return value check in Juniper Networks Junos OS DNS processing causes a fault when flowd receives a specially crafted DNS request. The fault terminates the flowd process, which then restarts automatically. Since flowd is responsible for packet flow handling, the crash leads to a temporary loss of networking services on the affected SRX device, effectively denying connectivity until the process recovers. The vulnerability does not allow code execution or privilege escalation; its impact is limited to availability.
Affected Systems
Juniper Networks Junos OS on SRX Series devices. The SRX1500, SRX1600, SRX2300, SRX300, SRX320, SRX340, SRX345, SRX380, SRX4100, SRX4120, SRX4200, SRX4300, SRX4600, SRX4700, SRX5400, SRX5600 and SRX5800 are affected if the DNS module is in use. Versions of Junos OS before 23.4R1 are unaffected. The CVE notes that a device running version 23.4 before 23.4R2‑S5, 24.2 before 24.2R2‑S1, or 24.4 before 24.4R2 is vulnerable.
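As an added check, not code from the advisory or from Juniper: a small Python classifier that applies the version ranges above to a Junos OS version string. It assumes the `MAJOR.MINOR R<n>[-S<m>][.<build>]` version format (for example `23.4R2-S5` or `24.2R1.10`) and reports branches the advisory does not name as unlisted rather than safe.

```python
# Added example (not part of the advisory or of Juniper's tooling): decide
# whether a Junos OS version string falls in one of the affected ranges above.
# Assumes version strings of the form MAJOR.MINOR R<n>[-S<m>][.<build>];
# anything else is rejected rather than guessed at.
import re
from typing import Tuple

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.(\d+))?$")

# First fixed release per branch, exactly as the advisory states them: a release
# on the branch is vulnerable if it sorts before the fixed release.
FIXED_RELEASES = {
    (23, 4): "23.4R2-S5",
    (24, 2): "24.2R2-S1",
    (24, 4): "24.4R2",
}
FIRST_AFFECTED_BRANCH = (23, 4)  # advisory: versions before 23.4R1 are unaffected


def parse_version(version: str) -> Tuple[int, int, int, int, int]:
    """Return (major, minor, release, service, build); absent fields are 0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {version!r}")
    return tuple(int(g) if g is not None else 0 for g in m.groups())


def assess(version: str) -> str:
    """Classify as 'vulnerable', 'fixed', 'unaffected' or 'not listed'."""
    v = parse_version(version)
    branch = v[:2]
    if branch < FIRST_AFFECTED_BRANCH:
        return "unaffected"
    fixed = FIXED_RELEASES.get(branch)
    if fixed is None:
        # Branch not named by the advisory: consult the vendor bulletin, do not assume safe.
        return "not listed"
    # Tuple comparison orders R, then -S, then build, so 23.4R2 < 23.4R2-S5 < 23.4R2-S5.3.
    return "vulnerable" if v < parse_version(fixed) else "fixed"


if __name__ == "__main__":
    # Constructed sample versions covering each branch boundary in the advisory.
    for sample in ["23.2R3", "23.4R1.10", "23.4R2-S4", "23.4R2-S5",
                   "24.2R2", "24.2R2-S1", "24.4R1", "24.4R2", "25.2R1"]:
        print(f"{sample:12s} {assess(sample)}")
```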
Risk and Exploitability
The CVSS score of 8.7 indicates a high‑severity availability flaw, but the EPSS score of less than 1% suggests a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, indicating that known exploits have not yet been observed or reported. Exploitation requires only network reachability to the device’s DNS service; no authentication is necessary. An attacker could send the malformed DNS packet from any external source, cause a crash, and disrupt the SRX device’s connectivity until the firewall recovers. The impact is a DoS of the device’s flow handling subsystem, which can lead to loss of network services for affected customers.
OpenCVE Enrichment