CVE-2026-33786
Improper Condition Check in Junos chassisd Causes DoS
Publication date: 2026-04-09
Last updated on: 2026-04-17
Assigner: Juniper Networks, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | 24.4 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Check for Unusual or Exceptional Conditions in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300, and SRX4300 devices.
A local attacker with low privileges can trigger this vulnerability by executing a specific 'show chassis' CLI command, which causes the chassisd process to crash and restart.
The crash and restart of chassisd cause a momentary Denial of Service (DoS) impact, temporarily disrupting all traffic until all modules come back online.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is triggered when a specific 'show chassis' CLI command is executed, causing the chassis control daemon (chassisd) to crash and restart.
To detect this vulnerability on your system, you can monitor the behavior of the chassisd process for unexpected crashes or restarts, especially after running 'show chassis' commands.
Suggested command to observe the issue: execute the 'show chassis' command on the affected Junos OS devices (SRX1600, SRX2300, SRX4300) and monitor if the chassisd daemon crashes or restarts.
Additionally, checking system logs for chassisd crashes or restarts after running 'show chassis' commands can help detect the vulnerability.
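The log check described above can be automated by correlating logged 'show chassis' commands with chassisd terminations on the same host. The following is an added example, not code from Juniper or from this page. It assumes that CLI command logging is enabled and that log lines follow the `UI_CMDLINE_READ_LINE` and `init: chassis-control ... terminated` shapes shown in the constructed sample; the subcommand names are placeholders because the page does not name the triggering command.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines (not from a real device). The message formats
# are assumptions modelled on Junos CLI command logging and init messages.
SAMPLE_LOG = """\
2026-04-10T09:14:58 srx-a mgd[4121]: UI_CMDLINE_READ_LINE: User 'noc1', command 'show chassis EXAMPLE-SUBCOMMAND '
2026-04-10T09:15:01 srx-a init: chassis-control (PID 1893) terminated by signal number 6. Core dumped!
2026-04-10T09:15:02 srx-a init: chassis-control (PID 5220) started
2026-04-10T11:30:12 srx-a mgd[4302]: UI_CMDLINE_READ_LINE: User 'noc2', command 'show chassis EXAMPLE-OTHER '
2026-04-10T14:02:40 srx-a mgd[4410]: UI_CMDLINE_READ_LINE: User 'noc1', command 'show interfaces terse '
2026-04-10T14:02:45 srx-a init: chassis-control (PID 5220) terminated by signal number 11. Core dumped!
"""

CMD_RE = re.compile(r"^(\S+) (\S+) mgd\[\d+\]: UI_CMDLINE_READ_LINE: User '([^']+)', command '([^']*)'")
CRASH_RE = re.compile(r"^(\S+) (\S+) init: chassis-control \(PID \d+\) terminated")

def correlate(log_text, window_seconds=30):
    """Return one finding per chassisd termination, listing the 'show chassis'
    commands logged on the same host within the preceding window."""
    window = timedelta(seconds=window_seconds)
    recent = []    # (time, host, user, command) for each 'show chassis' command
    findings = []
    for line in log_text.splitlines():
        m = CMD_RE.match(line)
        if m:
            ts, host, user, cmd = m.groups()
            cmd = cmd.strip()
            if cmd.startswith("show chassis"):
                recent.append((datetime.fromisoformat(ts), host, user, cmd))
            continue
        m = CRASH_RE.match(line)
        if m:
            ts, host = datetime.fromisoformat(m.group(1)), m.group(2)
            suspects = [(u, c) for t, h, u, c in recent
                        if h == host and timedelta(0) <= ts - t <= window]
            # Terminations with no preceding command are still reported.
            findings.append({"time": m.group(1), "host": host, "suspects": suspects})
    return findings

if __name__ == "__main__":
    for f in correlate(SAMPLE_LOG):
        tag = "preceded by show chassis" if f["suspects"] else "no show chassis in window"
        print(f["time"], f["host"], tag, f["suspects"])
```

A termination with an empty suspect list points to a different cause and should be triaged separately.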
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid executing the specific 'show chassis' CLI command that triggers the chassisd crash on affected Junos OS versions.
Upgrade Junos OS on SRX1600, SRX2300, and SRX4300 devices to version 24.4R1 or later, choosing a release outside the affected range: versions before 24.4R1-S3 and 24.4R2 are affected.
Monitor the chassisd daemon for stability and unexpected restarts, and apply any patches or updates provided by Juniper Networks addressing this issue.
How can this vulnerability impact me?
The primary impact of this vulnerability is a Denial of Service (DoS) condition on affected Juniper devices.
When exploited, the chassis control daemon crashes and restarts, causing a temporary disruption of all network traffic handled by the device.
This momentary outage can affect network availability and potentially interrupt business operations relying on continuous network connectivity.