Which versions of Juniper are affected by CVE-2026-21902?

A critical vulnerability in Juniper PTX Series routers allows unauthenticated attackers to execute code with root privileges, potentially compromising core network infrastructure and all connected…

Juniper CVE-2026-21902

Q: What is the CVSS score of CVE-2026-21902?

CVE-2026-21902 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Red. EPSS exploitation probability: 0.3%.

CRITICAL

Incorrect Permission Assignment for Critical Resource (CWE-732)

2026-02-25 sirt@juniper.net

Information Disclosure Juniper

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Red

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 25, 2026 - 18:23 nvd

CRITICAL 9.3

DescriptionNVD

An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root.

The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device. Please note that this service is enabled by default as no specific configuration is required.

This issue affects Junos OS Evolved on PTX Series:

25.4 versions before 25.4R1-S1-EVO, 25.4R2-EVO.

This issue does not affect Junos OS Evolved versions before 25.4R1-EVO.

This issue does not affect Junos OS.

AnalysisAI

Incorrect permission assignment on critical resources in Juniper Networks On-Box Anomaly detection framework. Allows unauthorized modification of anomaly detection configuration, potentially disabling security monitoring.

RemediationAI

Within 24 hours: Inventory all PTX Series devices in production and assess network exposure to untrusted sources; implement emergency network segmentation to restrict access to affected devices. Within 7 days: Deploy compensating controls (network ACLs, firewall rules) to block external access to the On-Box Anomaly detection framework; coordinate with Juniper for patch timeline and testing procedures. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-48687 CRITICAL Act Now

9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

CVE-2026-21902 vulnerability details – vuln.today

Back

Juniper CVE-2026-21902

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

Juniper CVE-2026-21902

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code