Skip to main content

Juniper CVE-2026-33790

| EUVD-2026-21206 HIGH
Improper Check for Unusual or Exceptional Conditions (CWE-754)
2026-04-09 sirt@juniper.net GHSA-9cqr-g7fq-8jf6
Denial Of Service Juniper
8.7
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Amber
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 17, 2026 - 17:22 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:59 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
25.2R1-S2,21.2R3-S10,21.4R3-S12
EUVD ID Assigned
Apr 09, 2026 - 22:22 euvd
EUVD-2026-21206
Analysis Generated
Apr 09, 2026 - 22:22 vuln.today
CVE Published
Apr 09, 2026 - 22:16 nvd
HIGH 8.7

DescriptionNVD

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and processing of these packets will repeatedly crash the srxpfe process and sustain the Denial of Service (DoS) condition.

During NAT64 translation, receipt of a specific, malformed ICMPv6 packet destined to the device will cause the srxpfe process to crash and restart.

This issue cannot be triggered using IPv4 nor other IPv6 traffic.

This issue affects Junos OS on SRX Series:

  • all versions before 21.2R3-S10,
  • all versions of 21.3,
  • from 21.4 before 21.4R3-S12,
  • all versions of 22.1,
  • from 22.2 before 22.2R3-S8,
  • all versions of 22.4,
  • from 22.4 before 22.4R3-S9,
  • from 23.2 before 23.2R2-S6,
  • from 23.4 before 23.4R2-S7,
  • from 24.2 before 24.2R2-S3,
  • from 24.4 before 24.4R2-S3,
  • from 25.2 before 25.2R1-S2, 25.2R2.

AnalysisAI

Denial of service in Juniper Networks Junos OS on SRX Series allows unauthenticated remote attackers to crash srxpfe process via malformed ICMPv6 packets during NAT64 translation. Repeated exploitation sustains DoS by forcing continuous process restarts. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all Juniper SRX Series appliances and document current Junos OS versions in your environment. Within 7 days: Contact Juniper Networks for the specific patched version applicable to your SRX model and schedule maintenance windows. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-48687 CRITICAL
9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

Share

CVE-2026-33790 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy