CVE-2026-33800
Awaiting Analysis Awaiting Analysis - Queue

Denial-of-Service in Juniper Networks Junos OS MX Series

Vulnerability report for CVE-2026-33800, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for processing. Especially in a Virtual-Chassis (VC) scenario withΒ locality‑bias configured,Β processing takes a significant amount of time for each event.Β If these sessions keep flapping, new events are constantly added, and in turn PFEMAN never completes processing these events. This results in the PFEMAN watchdog timer expiring, which causes the FPC to crash and restart, representing a complete service outage. This issue only affects MX series FPCs up to and including MPC9. It does not affect MPC10/11, LC4800/9600 and MX304. This issue affects Junos OS on MX Series: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
juniper juniper_junos to 23.2r2-s7 (exc)
juniper juniper_junos to 23.4r2-s8 (exc)
juniper juniper_junos to 24.2r2-s4 (exc)
juniper juniper_junos to 24.4r2-s3 (exc)
juniper juniper_junos to 25.2r2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-606 The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Unchecked Input for Loop Condition issue in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series devices. It allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS) by exploiting Micro-BFD session flaps that generate up/down events. These events are queued for processing by PFEMAN, and in certain configurations, especially in a Virtual-Chassis scenario with locality-bias, processing each event takes significant time. If the sessions keep flapping, new events continuously queue, preventing PFEMAN from completing processing. This causes the PFEMAN watchdog timer to expire, leading to the FPC crashing and restarting, resulting in a complete service outage.

The issue affects MX series FPCs up to and including MPC9 and does not affect MPC10/11, LC4800/9600, and MX304. It impacts various versions of Junos OS on MX Series before specific fixed releases.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade the Junos OS on affected MX Series devices to a fixed version. The issue affects all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S8, 24.2 versions before 24.2R2-S4, 24.4 versions before 24.4R2-S3, and 25.2 versions before 25.2R2.

Additionally, note that this vulnerability only affects MX series FPCs up to and including MPC9 and does not affect MPC10/11, LC4800/9600, and MX304.

Impact Analysis

This vulnerability can cause a Denial-of-Service (DoS) condition on affected Juniper MX Series devices. Specifically, it can cause the FPC (Flexible PIC Concentrator) to crash and restart repeatedly, leading to a complete service outage. This disruption can affect network availability and reliability, potentially impacting any services or operations dependent on the affected network infrastructure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33800. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart