Which versions of Juniper are affected by CVE-2026-33797?

Juniper Networks Junos OS 25.2 and Junos OS Evolved 25.2-EVO contain a BGP session reset vulnerability confirmed actively exploited (CISA KEV) that allows adjacent network attackers to repeatedly…. A patch is available.

Juniper CVE-2026-33797

Q: What is the CVSS score of CVE-2026-33797?

CVE-2026-33797 has a CVSS 4.0 base score of 7.1 (High). CVSS vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green. EPSS exploitation probability: 0.0%.

EUVD-2026-21208 HIGH

Improper Input Validation (CWE-20)

2026-04-09 sirt@juniper.net

GHSA-3rpc-j6fw-646r

Denial Of Service Juniper

7.1

CVSS 4.0

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 16, 2026 - 18:52 vuln.today

cvss_changed

Analysis Updated

Apr 16, 2026 - 05:59 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

25.2R2,25.2R2-EVO

EUVD ID Assigned

Apr 09, 2026 - 22:22 euvd

EUVD-2026-21208

Analysis Generated

Apr 09, 2026 - 22:22 vuln.today

CVE Published

Apr 09, 2026 - 22:16 nvd

HIGH 7.1

DescriptionNVD

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS).

An attacker repeatedly sending the packet will sustain the Denial of Service (DoS).This issue affects Junos OS:

25.2 versions before 25.2R2

This issue doesn't not affected Junos OS versions before 25.2R1.

This issue affects Junos OS Evolved:

25.2-EVO versions before 25.2R2-EVO

This issue doesn't not affected Junos OS Evolved versions before 25.2R1-EVO.

eBGP and iBGP are affected. IPv4 and IPv6 are affected.

AnalysisAI

BGP session reset vulnerability in Juniper Networks Junos OS 25.2 and Junos OS Evolved 25.2-EVO allows adjacent unauthenticated attackers to trigger Denial of Service by sending malformed BGP packets within established sessions. Affects both eBGP and iBGP implementations across IPv4 and IPv6. …

RemediationAI

Within 24 hours: Identify all Juniper devices running Junos OS 25.2 or Junos OS Evolved 25.2-EVO in production via asset inventory and network reconnaissance; prioritize border/core routers with active BGP sessions. Within 7 days: Apply vendor-released patch to all affected Junos OS 25.2 and Junos OS Evolved 25.2-EVO systems, beginning with BGP edge devices; perform staged patching with validation of BGP session stability post-update. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-48687 CRITICAL Act Now

9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

CVE-2026-33797 vulnerability details – vuln.today

Back

Juniper CVE-2026-33797

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

Juniper CVE-2026-33797

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code