Juniper Junos OS Multiple Vulnerabilities
Release Date: 9 Jul 2026
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- Junos OS
- Junos OS Evolved
Please refer to the link below for detail:
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Please refer to 2026-07 Security Bulletin.
Vulnerability Identifier
- CVE-2020-7450
- CVE-2026-21901
- CVE-2026-33794
- CVE-2026-33799
- CVE-2026-33800
- CVE-2026-33801
- CVE-2026-33802
- CVE-2026-33803
- CVE-2026-57019
- CVE-2026-57020
- CVE-2026-57021
- CVE-2026-57022
- CVE-2026-57023
- CVE-2026-57024
- CVE-2026-57025
- CVE-2026-57026
- CVE-2026-57027
- CVE-2026-57028
- CVE-2026-57029
- CVE-2026-57030
- CVE-2026-57031
- CVE-2026-57032
- CVE-2026-57054
Source
Related Link
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-specifically-malformed-BGP-route-update-is-received-RPD-crashes-CVE-2026-33801
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-Specific-traffic-causes-an-FPC-to-reset-CVE-2026-57019
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-A-port-which-has-been-inadvertently-exposed-can-be-reached-by-an-attacker-CVE-2026-33803
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-SRX-Series-If-VPN-compliance-check-is-configured-an-attacker-can-cause-http-gk-process-crash-CVE-2026-57021
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-For-subscribers-configured-on-static-interfaces-input-filters-are-not-in-effect-CVE-2026-57031
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-with-SPC3-SRX-Series-Repeated-VPN-negotiation-failures-will-eventually-cause-iked-to-crash-continuously-CVE-2026-57024
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-Specific-packet-in-response-to-a-TCP-connection-establishment-by-the-affected-device-can-crash-the-PFE-CVE-2026-57022
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-SNMPv3-request-results-in-memory-leak-and-eventual-snmpd-crash-CVE-2026-33799
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-QFX10000-Series-IPv6-multicast-traffic-received-on-non-IRB-interfaces-causes-a-multicast-flood-CVE-2026-57020
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX4100-Series-EX4400-With-sFlow-configured-in-a-VC-scenario-multicast-traffic-leads-to-an-FPC-crash-CVE-2026-57027
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX-Series-Unauthorized-users-can-execute-service-impacting-CLI-command-CVE-2026-33802
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-A-specifically-malformed-TCP-packet-causes-a-flowd-crash-CVE-2026-57023
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-In-a-VC-scenario-a-high-rate-of-micro-BFD-session-flaps-will-cause-an-FPC-crash-CVE-2026-33800
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-QFX-Series-When-sFlow-collector-reachability-changes-evo-pfemand-process-can-crash-CVE-2026-57029
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-PTX-Series-Receipt-of-repeated-ECMP-routing-updates-results-in-PFE-crash-CVE-2026-33794
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-Web-filtering-doesn-t-block-specifically-formatted-URLs-CVE-2026-57054
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Configuration-of-a-specific-SSH-option-results-in-mgd-crash-CVE-2026-21901
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-SRX-Series-Flow-sessions-are-not-getting-cleared-leading-to-a-DoS-CVE-2026-57030
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX-Series-Subscribing-to-an-unsupported-telemetry-sensor-path-causes-fxpc-process-crash-CVE-2026-57032
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-EX-Series-QFX-Series-MX-Series-A-specific-show-l2-learning-command-causes-l2ald-crash-CVE-2026-57025
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-URL-handling-vulnerability-in-libfetch-results-in-heap-buffer-overflow-CVE-2020-7450
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-Processing-of-a-specifically-malformed-SIP-invite-causes-a-flowd-crash-CVE-2026-57026
- https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-A-port-which-has-been-inadvertently-exposed-can-be-reached-by-an-attacker-CVE-2026-57028
沒有留言:
發佈留言