Improper Input Validation in Junos OS IPsec Library Affects Juniper Networks Devices
CVE-2026-33778

8.7 HIGH

Key Information:

Status
Vendor
CVE Published: 9 April 2026

Badges

👾 Exploit Exists

What is CVE-2026-33778?

A vulnerability in the IPsec library used by the kmd and iked processes in Juniper Networks' Junos OS allows an unauthenticated attacker to cause a denial of service. By sending a specially crafted first ISAKMP packet, the attacker causes the kmd/iked process to crash and restart. While the process restarts, no new security associations can be negotiated, so new VPN connections cannot be established. Continuous exploitation keeps the process crashing, leaving affected devices completely unable to initiate new connections. The vulnerability impacts several versions of Junos OS across SRX and MX Series devices.

Affected Version(s)

Junos OS SRX Series 0 < 22.4R3-S9

Junos OS SRX Series 23.2 < 23.2R2-S6

Junos OS SRX Series 23.4 < 23.4R2-S7

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
