CVE-2026-33803
Undergoing Analysis Undergoing Analysis - In Progress

Information Disclosure in Juniper Networks Junos OS Evolved

Vulnerability report for CVE-2026-33803, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets. This issue affects Junos OS Evolved: * all versions before 23.2R2-S7-EVO, * 23.4 versions before 23.4R2-S8-EVO, * 24.2 versions before 24.2R2-S5-EVO, * 24.4 versions before 24.4R2-S4-EVO, * 25.2 versions before 25.2R2-S1-EVO, * 25.4 versions before 25.4R1-S2-EVO.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
juniper juniper_networks_junos_os_evolved to 23.2R2-S7-EVO (exc)
juniper juniper_networks_junos_os_evolved to 23.4R2-S8-EVO (exc)
juniper juniper_networks_junos_os_evolved to 24.2R2-S5-EVO (exc)
juniper juniper_networks_junos_os_evolved to 24.4R2-S4-EVO (exc)
juniper juniper_networks_junos_os_evolved to 25.2R2-S1-EVO (exc)
juniper juniper_networks_junos_os_evolved to 25.4R1-S2-EVO (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-923 The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Restriction of Communication Channel to Intended Endpoints in Juniper Networks Junos OS Evolved. It allows an unauthenticated attacker on the network to access a process that should only communicate internally within the device. Because of incorrect initialization, this internal process is exposed via an open network port.

As a result, the device is inadvertently exposed to external access, which can lead to limited information disclosure and increased CPU usage as the device processes unexpected incoming packets.

Impact Analysis

The vulnerability can impact you by allowing an unauthenticated network attacker to gain limited access to information from the device and cause availability issues.

Specifically, the attacker can reach an internal process over the network, which should not be accessible externally, leading to inadvertent exposure of the device.

Additionally, the device may experience increased CPU usage due to processing unexpected ingress packets, potentially degrading performance or availability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33803. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart