Skip to main content

Juniper EUVD-2026-21197

| CVE-2026-33778 HIGH
Improper Validation of Syntactic Correctness of Input (CWE-1286)
2026-04-09 sirt@juniper.net GHSA-q559-6pc6-gxfh
Denial Of Service Juniper
8.7
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 17, 2026 - 17:37 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:59 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
24.2R2-S4,23.2R2-S6,22.4R3-S9
EUVD ID Assigned
Apr 09, 2026 - 22:22 euvd
EUVD-2026-21197
Analysis Generated
Apr 09, 2026 - 22:22 vuln.today
CVE Published
Apr 09, 2026 - 22:16 nvd
HIGH 8.7

DescriptionNVD

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).

If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.

This issue affects Junos OS on

SRX Series and MX Series:

  • all versions before 22.4R3-S9,
  • 23.2 version before 23.2R2-S6,
  • 23.4 version before 23.4R2-S7,
  • 24.2 versions before 24.2R2-S4,
  • 24.4 versions before 24.4R2-S3,
  • 25.2 versions before 25.2R1-S2, 25.2R2.

AnalysisAI

Remote denial-of-service in Juniper Networks Junos OS (SRX/MX Series) allows unauthenticated attackers to crash IPsec daemons via malformed ISAKMP packets. Exploiting the improper input validation (CWE-1286) in kmd/iked IPsec library causes process restart, preventing new VPN security association establishment. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all SRX/MX Series deployments in production and retrieve vendor patch details from Juniper security advisory. Within 7 days: Apply Juniper-released patch to non-critical or test devices to validate compatibility with your environment. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-48687 CRITICAL
9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

Share

EUVD-2026-21197 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy