CVE-2026-57026
Awaiting Analysis Awaiting Analysis - Queue

Denial-of-Service in Juniper Junos OS SIP Plugin

Vulnerability report for CVE-2026-57026, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).If the SIP ALG is enabled on an affected device, the processing of a malformed SIP invite packet will cause a flow processing daemon (flowd) crash and restart. This leads to a complete service outage until the system has automatically recovered. This issue affects Junos OS on MX Series with SPC3 and SRX Series: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S5, * 24.4 versions before 24.4R2-S4, * 25.2 versions before 25.2R2, * 25.4 versions before 25.4R1-S2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
juniper_networks junos_os to 23.2R2-S7 (exc)
juniper_networks junos_os to 23.4R2-S8 (exc)
juniper_networks junos_os to 24.2R2-S5 (exc)
juniper_networks junos_os to 24.4R2-S4 (exc)
juniper_networks junos_os to 25.2R2 (exc)
juniper_networks junos_os to 25.4R1-S2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1286 The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

This vulnerability causes a Denial-of-Service (DoS) by crashing the flow processing daemon when processing a malformed SIP invite packet if SIP ALG is enabled. While it leads to service outages, there is no indication from the provided information that it results in data breaches, unauthorized access, or data loss.

Therefore, based on the available information, this vulnerability primarily impacts availability but does not directly affect the confidentiality or integrity of data. As such, its impact on compliance with standards like GDPR or HIPAA, which focus heavily on data protection and privacy, is limited to potential service availability concerns.

Executive Summary

This vulnerability is an Improper Validation of Syntactic Correctness of Input in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series devices.

If the SIP ALG (Application Layer Gateway) is enabled, processing a malformed SIP invite packet can cause the flow processing daemon (flowd) to crash and restart.

This crash leads to a Denial-of-Service (DoS), causing a complete service outage until the system recovers automatically.

Impact Analysis

An unauthenticated, network-based attacker can exploit this vulnerability to cause a Denial-of-Service (DoS) on affected devices.

The impact is a complete service outage due to the crash and restart of the flow processing daemon (flowd), which disrupts normal network operations until recovery.

Mitigation Strategies

To mitigate this vulnerability, you should ensure that the SIP ALG (Application Layer Gateway) feature is disabled on affected Juniper Networks devices running Junos OS on MX Series with SPC3 and SRX Series.

Additionally, upgrade your device to a fixed version of Junos OS. The affected versions are all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S8, 24.2 versions before 24.2R2-S5, 24.4 versions before 24.4R2-S4, 25.2 versions before 25.2R2, and 25.4 versions before 25.4R1-S2. Applying the appropriate patches or upgrading to a version at or beyond these fixed releases will prevent the denial-of-service caused by malformed SIP invite packets.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57026. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart