CVE-2026-33783
Function Call Type Error in Junos PTX Causes DoS

Publication date: 2026-04-09

Last updated on: 2026-04-17

Assigner: Juniper Networks, Inc.

Description
A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS). If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured.

This issue affects Junos OS Evolved on PTX Series:
* all versions before 22.4R3-S9-EVO,
* 23.2 versions before 23.2R2-S6-EVO,
* 23.4 versions before 23.4R2-S7-EVO,
* 24.2 versions before 24.2R2-S4-EVO,
* 24.4 versions before 24.4R2-S2-EVO,
* 25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO.

Meta Information
Published: 2026-04-09
Last Modified: 2026-04-17
Generated: 2026-05-07
AI Q&A: 2026-04-10
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 54 associated CPEs
Vendor Product Version / Range
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.2
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.2
juniper junos_os_evolved 22.4
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.2
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.2
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved to 22.4 (exc)
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 22.4
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.2
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.4
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.4
juniper junos_os_evolved 24.4
juniper junos_os_evolved 24.4
juniper junos_os_evolved 24.4
juniper junos_os_evolved 24.4
juniper junos_os_evolved 25.2
juniper junos_os_evolved 25.2
juniper junos_os_evolved 25.2
juniper junos_os_evolved 25.2
juniper junos_os_evolved 23.4
juniper junos_os_evolved 23.2
juniper junos_os_evolved 24.2
juniper junos_os_evolved 24.4
CWE
CWE ID Description
CWE-686 The product calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Function Call With Incorrect Argument Type issue in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series devices.

It allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS) by crashing the evo-aftmand process when colored SRTE policy tunnels are provisioned via PCEP and gRPC is used to monitor traffic in these tunnels.

The crash occurs specifically when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN), and the process does not restart automatically, requiring a manual system restart to recover.

This issue does not occur when SRTE policy tunnels are statically configured.


How can this vulnerability impact me?

The vulnerability can cause a complete and persistent Denial of Service (DoS) on affected Junos OS Evolved PTX Series devices.

Because the evo-aftmand process crashes and does not restart automatically, network services relying on this process will be disrupted until the system is manually restarted.

This can lead to significant network downtime and service unavailability, impacting network reliability and operations.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade Junos OS Evolved on PTX Series devices to a fixed version. The affected versions are all versions before 22.4R3-S9-EVO, 23.2 versions before 23.2R2-S6-EVO, 23.4 versions before 23.4R2-S7-EVO, 24.2 versions before 24.2R2-S4-EVO, 24.4 versions before 24.4R2-S2-EVO, and 25.2 versions before 25.2R1-S2-EVO and 25.2R2-EVO.

Since the issue causes evo-aftmand to crash and not restart when colored SRTE policy tunnels are provisioned via PCEP with gRPC monitoring, and the Originator ASN field in PCEP contains a value larger than 65,535, avoid using such configurations until the system is patched.

If the service impact occurs, a manual system restart is required to recover.
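
The version ranges above can be checked against a device inventory. The following Python is an added example, not code from Juniper or from this page; the version-string shape (including an optional build suffix such as .2, which is ignored) and the inventory hostnames and versions are assumptions made for illustration.

```python
import re

# Fixed releases per train, copied from the advisory text above.
FIXED = {
    (22, 4): ["22.4R3-S9-EVO"],
    (23, 2): ["23.2R2-S6-EVO"],
    (23, 4): ["23.4R2-S7-EVO"],
    (24, 2): ["24.2R2-S4-EVO"],
    (24, 4): ["24.4R2-S2-EVO"],
    (25, 2): ["25.2R1-S2-EVO", "25.2R2-EVO"],
}
OLDEST_TRAIN = min(FIXED)

# Assumed shape: <major>.<minor>R<release>[-S<service>][.<build>]-EVO
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?-EVO$")

# Constructed inventory (hostnames and versions are made up for the example).
INVENTORY = {
    "ptx-core-1": "22.4R3-S8.2-EVO",
    "ptx-core-2": "23.4R2-S7-EVO",
    "ptx-edge-1": "25.2R1-EVO",
    "ptx-edge-2": "24.3R1-EVO",
    "ptx-lab-1": "21.4R3-S5-EVO",
}

def parse(version):
    """Return ((major, minor), (release, service)) or None if unrecognised."""
    m = _VERSION.match(version.strip())
    if not m:
        return None
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor)), (int(rel), int(svc or 0))

def classify(version):
    """Return 'affected', 'fixed', or 'unlisted' for one version string."""
    parsed = parse(version)
    if parsed is None:
        return "unlisted"
    train, level = parsed
    if train < OLDEST_TRAIN:
        return "affected"   # "all versions before 22.4R3-S9-EVO"
    if train not in FIXED:
        return "unlisted"   # train not named in the advisory; needs manual review
    first_fix = min(parse(v)[1] for v in FIXED[train])
    return "fixed" if level >= first_fix else "affected"

def audit(inventory):
    """Map each hostname to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}
```

Devices reported as "unlisted" run a train the advisory text does not name, so the script makes no claim about them either way.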

