CVE-2026-33794
Awaiting Analysis Awaiting Analysis - Queue

Denial-of-Service in Juniper Networks Junos OS Evolved

Vulnerability report for CVE-2026-33794, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the advanced forwarding toolkit (evo-aftmand) of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated network-based attacker generating continuous routing updates, resulting in unilist ECMP routes, to crash the evo-aftmand process on the PFE, leading to a Denial-of-Service (DoS). The conditions required for successful exploitation are based on a sequence of events that are outside an attacker's direct control. Unified list (unilist) ECMP routes are a specific ECMP behavior where multiple equal-cost routes share a single logical next-hop list entry. The router treats them as one route with multiple next hops and load balances traffic across that unified list. Due to an issue processing unilist ECMP routing updates, internal state corruption may occur, especially in large-scale ECMP unilist deployments, leading to the evo-aftmand process crashing, resulting in an evo-aftmand-bx core. Manual intervention is required to recover by rebooting the system or restarting the FPC. This issue affects Junos OS Evolved on PTX : * from 24.4R2-EVO before 24.4R2-S3-EVO; * from 25.2 before 25.2R2-EVO.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
juniper_networks junos_os_evolved From 24.4r2-evo (inc) to 24.4r2-s3-evo (exc)
juniper_networks junos_os_evolved From 25.2 (inc) to 25.2r2-evo (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-754 The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Check for Unusual or Exceptional Conditions in the advanced forwarding toolkit (evo-aftmand) of Juniper Networks Junos OS Evolved on PTX Series devices.

An unauthenticated network-based attacker can generate continuous routing updates that create unified list (unilist) ECMP routes, which are a specific type of equal-cost multipath routing where multiple routes share a single logical next-hop list.

Due to an issue processing these unilist ECMP routing updates, internal state corruption may occur, especially in large-scale deployments, causing the evo-aftmand process on the Packet Forwarding Engine (PFE) to crash.

This crash leads to a Denial-of-Service (DoS) condition requiring manual recovery by rebooting the system or restarting the Flexible PIC Concentrator (FPC).

The conditions for successful exploitation depend on a sequence of events outside the attacker's direct control.

Impact Analysis

The primary impact of this vulnerability is a Denial-of-Service (DoS) on affected Juniper PTX Series devices running Junos OS Evolved.

An attacker can cause the evo-aftmand process to crash by sending continuous routing updates that trigger internal state corruption.

This crash disrupts normal routing operations on the device, potentially leading to network outages or degraded performance.

Recovery from this condition requires manual intervention such as rebooting the system or restarting the affected hardware component.

Mitigation Strategies

To recover from an exploitation of this vulnerability, manual intervention is required by either rebooting the system or restarting the Flexible PIC Concentrator (FPC).

Since the vulnerability affects the evo-aftmand process on the Packet Forwarding Engine (PFE) and leads to a crash, immediate mitigation involves avoiding conditions that generate continuous routing updates resulting in unilist ECMP routes.

Additionally, upgrading Junos OS Evolved on PTX Series devices to versions 24.4R2-S3-EVO or later, or 25.2R2-EVO or later, will address the vulnerability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33794. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart