Improper Check for Unusual Conditions in Junos OS on SRX Series by Juniper Networks
CVE-2026-33790

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33790?

An improper check vulnerability in the flow daemon (flowd) of Junos OS on SRX Series devices allows attackers to exploit the system by sending a specially crafted, malformed ICMPv6 packet. This can lead to the srxpfe process crashing and restarting continuously, resulting in a persistent Denial of Service (DoS) condition. Importantly, this issue is exclusive to malformed ICMPv6 traffic and cannot be triggered by IPv4 or other types of IPv6 packets.

Affected Version(s)

Junos OS SRX Series 0 < 21.2R3-S10

Junos OS SRX Series 21.4 < 21.4R3-S12

Junos OS SRX Series 22.2 < 22.2R3-S8

References

https://kb.juniper.net/JSA107874

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33790 Data

JSON