CVE-2026-33799
Awaiting Analysis Awaiting Analysis - Queue

Out-of-Bounds Write in Juniper Networks Junos OS SNMP Daemon

Vulnerability report for CVE-2026-33799, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

An Out-of-bounds Write vulnerability in the SNMP daemon (snmpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd process memory exhaustion, resulting in a process crash and restart, impacting the ability to monitor the system via SNMP. Memory usage can be monitored using the following command: user@device> show system processes extensive | match snmpd This issue affects: Junos OS: * all versions before 21.2R3-S8; * from 21.4 before 21.4R3-S7; * from 22.1 before 22.1R3-S6; * from 22.2 before 22.2R3-S4; * from 22.3 before 22.3R3-S3; * from 22.4 before 22.4R3-S2; * from 23.2 before 23.2R2; * from 23.4 before 23.4R2. Junos OS Evolved: * all versions before 21.2R3-S8-EVO; * from 21.4 before 21.4R3-S7-EVO; * all versions of 22.1-EVO, * from 22.2 before 22.2R3-S4-EVO; * from 22.3 before 22.3R3-S3-EVO; * all versions of 22.4-EVO, * from 23.2 before 23.2R2-EVO; * from 23.4 before 23.4R2-EVO.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 15 associated CPEs
Vendor Product Version / Range
juniper junoss to 21.2R3-S8 (exc)
juniper junoss From 21.4 (inc) to 21.4R3-S7 (exc)
juniper junoss From 22.1 (inc) to 22.1R3-S6 (exc)
juniper junoss From 22.2 (inc) to 22.2R3-S4 (exc)
juniper junoss From 22.3 (inc) to 22.3R3-S3 (exc)
juniper junoss From 22.4 (inc) to 22.4R3-S2 (exc)
juniper junoss From 23.2 (inc) to 23.2R2 (exc)
juniper junoss From 23.4 (inc) to 23.4R2 (exc)
juniper junose to 21.2R3-S8-EVO (exc)
juniper junose From 21.4 (inc) to 21.4R3-S7-EVO (exc)
juniper junose *
juniper junose From 22.2 (inc) to 22.2R3-S4-EVO (exc)
juniper junose From 22.3 (inc) to 22.3R3-S3-EVO (exc)
juniper junose From 23.2 (inc) to 23.2R2-EVO (exc)
juniper junose From 23.4 (inc) to 23.4R2-EVO (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Out-of-bounds Write in the SNMP daemon (snmpd) of Juniper Networks Junos OS and Junos OS Evolved. An authenticated network-based attacker can send specific valid SNMPv3 queries that trigger a memory leak in the snmpd process.

Over time, if these queries are continuously received, the memory used by the snmpd process will be exhausted, causing the process to crash and restart.

This impacts the ability to monitor the system via SNMP because the snmpd process is responsible for handling SNMP requests.

Impact Analysis

The vulnerability can lead to memory exhaustion of the snmpd process, causing it to crash and restart repeatedly.

This results in a loss of SNMP monitoring capability on the affected device, which can hinder system monitoring and management.

If SNMP monitoring is critical for your network operations, this could lead to delayed detection of issues or outages.

Detection Guidance

This vulnerability can be detected by monitoring the memory usage of the snmpd process on affected Juniper devices.

You can use the following command to monitor the memory usage of the snmpd process:

  • show system processes extensive | match snmpd

Continuous increase in memory usage of the snmpd process may indicate exploitation attempts of this vulnerability.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade your Junos OS or Junos OS Evolved to a fixed version that is not affected by the issue. Specifically, ensure your system is running one of the following versions or later:

  • For Junos OS: 21.2R3-S8 or later, 21.4R3-S7 or later, 22.1R3-S6 or later, 22.2R3-S4 or later, 22.3R3-S3 or later, 22.4R3-S2 or later, 23.2R2 or later, or 23.4R2 or later.
  • For Junos OS Evolved: 21.2R3-S8-EVO or later, 21.4R3-S7-EVO or later, 22.2R3-S4-EVO or later, 22.3R3-S3-EVO or later, 23.2R2-EVO or later, or 23.4R2-EVO or later.

Additionally, monitor the memory usage of the snmpd process using the command: show system processes extensive | match snmpd to detect abnormal memory consumption that could indicate exploitation attempts.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33799. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart