CVE-2026-33778

HIGH EPSS 25.6%

Published Apr 9, 20262mo ago · Modified Jun 17, 20261w ago

8.7 CVSS 4.0

High

Published Apr 9, 2026 2mo ago

Last Modified Jun 17, 2026 1w ago

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections. This issue affects Junos OS on SRX Series and MX Series: * all versions before 22.4R3-S9, * 23.2 version before 23.2R2-S6, * 23.4 version before 23.4R2-S7, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R1-S2, 25.2R2.

CVSS Details

Base Score

8.7

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

25.6% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-1286

Affected Products 85

Vendor	Product	Version	Range
juniper	junos	*	<22.4
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.2	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	24.4	any
juniper	junos	25.2	any
juniper	junos	25.2	any
juniper	junos	25.2	any
juniper	junos	25.2	any
juniper	mx10004	*	any
juniper	mx10008	*	any
juniper	mx2008	*	any
juniper	mx2010	*	any
juniper	mx2020	*	any
juniper	mx204	*	any
juniper	mx240	*	any
juniper	mx301	*	any
juniper	mx304	*	any
juniper	mx480	*	any
juniper	mx960	*	any
juniper	srx1500	*	any
juniper	srx1600	*	any
juniper	srx2300	*	any
juniper	srx300	*	any
juniper	srx320	*	any
juniper	srx340	*	any
juniper	srx345	*	any
juniper	srx380	*	any
juniper	srx4100	*	any
juniper	srx4120	*	any
juniper	srx4200	*	any
juniper	srx4300	*	any
juniper	srx4600	*	any
juniper	srx4700	*	any
juniper	srx5400	*	any
juniper	srx5600	*	any
juniper	srx5800	*	any

References 1

kb.juniper.net https://kb.juniper.net/JSA107868

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.