CVE-2026-21919
Incorrect Synchronization in Junos mgd Causes Management Plane DoS
Publication date: 2026-04-09
Last updated on: 2026-04-17
Assigner: Juniper Networks, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | 23.4 |
| juniper | junos | 24.2 |
| juniper | junos | 24.4 |
| juniper | junos_os_evolved | 24.2 |
| juniper | junos_os_evolved | 23.4 |
| juniper | junos_os_evolved | 24.4 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-821 | The product utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Incorrect Synchronization issue in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved. It allows a network-based attacker with low privileges to cause a complete Denial-of-Service (DoS) of the management plane.
The problem occurs when NETCONF sessions are quickly established and disconnected, causing a locking issue that makes mgd processes hang in an unusable state. Once the maximum number of mgd processes is reached, no new logins are possible, preventing management of the device until it is power-cycled.
How can this vulnerability impact me?
This vulnerability can cause a complete Denial-of-Service (DoS) of the management plane on affected Junos OS and Junos OS Evolved devices.
As a result, you will be unable to manage the device remotely or locally through the management daemon until the device is power-cycled or the hung mgd processes are manually terminated if possible.
This can lead to operational disruptions and increased downtime, especially if the device is critical to your network infrastructure.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for mgd processes in a lockf state on the affected device.
You can use the following command to check for mgd processes in the lockf state:
- show system processes extensive | match mgd
If mgd processes are found in the lockf state, it indicates the presence of the issue.
What immediate steps should I take to mitigate this vulnerability?
If the system is still accessible, you can mitigate the issue by terminating the mgd processes that are in the lockf state.
You can terminate these processes using either of the following commands:
- From the CLI: request system process terminate <PID>
- From the shell: kill -9 <PID>
If the maximum number of mgd processes has been reached and no new logins are possible, a power-cycle of the device may be required to recover.
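The detection check and the CLI mitigation described above can be scripted over saved output of show system processes extensive. The following Python is an added example, not code from Juniper or from the original page. It assumes a FreeBSD top-style layout with a header row containing PID, STATE and COMMAND columns; the sample output is constructed and the function names are hypothetical.

```python
# Constructed sample of `show system processes extensive` output (assumed
# FreeBSD top-style layout; values are illustrative, not from a real device).
SAMPLE = """\
last pid:  4390;  load averages:  0.12,  0.10,  0.08  up 12+03:14:07    10:22:31
58 processes:  1 running, 57 sleeping

  PID USERNAME    PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
 4102 root         20    0   742M    31M select   1   0:03   0.00% mgd
 4321 netops       20    0   742M    28M lockf    1   0:00   0.00% mgd
 4388 netops       20    0   742M    28M lockf    0   0:00   0.00% mgd
 3990 root         20    0   120M    12M lockf    0   0:10   0.00% example-daemon
"""


def hung_mgd_pids(top_output, state="lockf", name="mgd"):
    """Return PIDs of `name` processes whose STATE column equals `state`."""
    header, pids = None, []
    for line in top_output.splitlines():
        fields = line.split()
        if not fields:
            continue
        if header is None:
            # Skip the top preamble until the column header row is found.
            if fields[0] == "PID" and {"STATE", "COMMAND"} <= set(fields):
                header = fields
            continue
        # COMMAND is the last column and may contain spaces.
        cols = line.split(None, len(header) - 1)
        if len(cols) < len(header) or not cols[0].isdigit():
            continue
        row = dict(zip(header, cols))
        # Exact name match so other daemons waiting on lockf are not flagged.
        if row["COMMAND"].split()[0] == name and row["STATE"] == state:
            pids.append(int(row["PID"]))
    return pids


def terminate_commands(pids):
    """Render the page's CLI mitigation per hung PID, for operator review."""
    return [f"request system process terminate {pid}" for pid in pids]


if __name__ == "__main__":
    hung = hung_mgd_pids(SAMPLE)
    print(f"{len(hung)} mgd process(es) in lockf state: {hung}")
    for cmd in terminate_commands(hung):
        print(cmd)
```

Run periodically against collected output, a rising count of mgd processes in lockf is the signal to act before logins are exhausted.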