CVE-2026-33797
Improper Input Validation in Junos BGP Causes DoS
Publication date: 2026-04-09
Last updated on: 2026-04-23
Assigner: Juniper Networks, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | 25.2 |
| juniper | junos_os_evolved | 25.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Input Validation issue in Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated, adjacent attacker to send a specific genuine BGP packet within an already established BGP session to reset only that session.
By repeatedly sending this packet, the attacker can sustain a Denial of Service (DoS) condition on the targeted BGP session.
Both eBGP and iBGP sessions are affected, and it impacts both IPv4 and IPv6.
The vulnerability affects Junos OS versions 25.2 before 25.2R2 and Junos OS Evolved versions 25.2-EVO before 25.2R2-EVO.
How can this vulnerability impact me?
This vulnerability can cause a Denial of Service (DoS) on BGP sessions by allowing an attacker to reset those sessions repeatedly.
A sustained DoS on BGP sessions can disrupt network routing, potentially causing network outages or degraded network performance.