Memory Leak Vulnerability in Junos OS Affects MX Series Devices
CVE-2026-33775

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33775?

A memory leak issue exists in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks' Junos OS, specifically affecting MX Series devices. This vulnerability enables an unauthenticated adjacent attacker to cause a Denial of Service (DoS) by exhausting the memory related to bbe-smgd when an incorrectly configured authentication packet-type option does not align with the received packet type. As memory depletes, the daemon may reach a state where new subscribers are unable to log in, leading to operational instability. Monitoring tools such as 'show system processes extensive | match bbe-smgd' can be used to check memory utilization and identify potential exhaustion scenarios.

Affected Version(s)

Junos OS MX Series 0 < 22.4R3-S8

Junos OS MX Series 23.2 < 23.2R2-S5

Junos OS MX Series 23.4 < 23.4R2-S6

References

https://kb.juniper.net/JSA107821

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33775 Data

JSON