CVE-2026-33782

HIGH EPSS 20.5%

Published Apr 9, 20262mo ago · Modified Jun 17, 20261w ago

8.7 CVSS 4.0

High

Published Apr 9, 2026 2mo ago

Last Modified Jun 17, 2026 1w ago

Description

A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS). In a DHCPv6 over PPPoE, or DHCPv6 over VLAN with Active lease query or Bulk lease query scenario, every subscriber logout will leak a small amount of memory. When all available memory has been exhausted, jdhcpd will crash and restart which causes a complete service impact until the process has recovered. The memory usage of jdhcpd can be monitored with: user@host> show system processes extensive | match jdhcpd This issue affects Junos OS: * all versions before 22.4R3-S1, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2.

CVSS Details

Base Score

8.7

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

20.5% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-401

Affected Products 28

Vendor	Product	Version	Range
juniper	junos	*	<22.4
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	mx10004	*	any
juniper	mx10008	*	any
juniper	mx2008	*	any
juniper	mx2010	*	any
juniper	mx2020	*	any
juniper	mx204	*	any
juniper	mx240	*	any
juniper	mx301	*	any
juniper	mx304	*	any
juniper	mx480	*	any
juniper	mx960	*	any

References 1

kb.juniper.net https://kb.juniper.net/JSA107820

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.