Critical DoS Vulnerabilities Found in Juniper Junos OS

Severity: High (Score: 72.0)

Sources: nvd.nist.gov, Ccb.Belgium.Be, supportportal.juniper.net

Summary

Two vulnerabilities, CVE-2026-33782 and CVE-2026-33783, have been identified in Juniper Junos OS that could allow attackers to trigger a complete Denial of Service (DoS) on affected devices. CVE-2026-33782 (CVSS 8.7) affects the DHCP daemon on MX Series, enabling an adjacent, unauthenticated attacker to cause a memory leak leading to DoS. CVE-2026-33783 (CVSS 7.1) affects the sensor interface on PTX Series, allowing a network-based, authenticated attacker with low privileges to cause a complete DoS. The issue arises when SRTE policy tunnels are provisioned via PCEP and monitored using gRPC, resulting in the evo-aftmand crashing without automatic recovery. The vulnerabilities impact various versions of Junos OS Evolved, and organizations are urged to install patches immediately after testing. The Centre for Cybersecurity Belgium has recommended enhancing monitoring and detection capabilities to mitigate potential exploitation. Historical compromises may not be remediated by patching alone. Key Points: • Two critical vulnerabilities in Juniper Junos OS can lead to complete DoS. • CVE-2026-33782 affects MX Series, while CVE-2026-33783 affects PTX Series. • Immediate patching and enhanced monitoring are recommended to mitigate risks.

Key Entities

• DDoS (attack_type)
• Denial of Service (attack_type)
• Juniper Networks (company)
• Belgium (country)
• CVE-2026-33782 (cve)
• CVE-2026-33783 (cve)
• GRPC (platform)
• Juniper Networks Junos OS (platform)
• Junos OS Evolved (platform)
• Junos OS Evolved On PTX Series (platform)
• MX Series (platform)