Improper Condition Checks in Junos OS Evolved Affecting PTX Series
CVE-2026-33794
8.2HIGH
What is CVE-2026-33794?
A vulnerability in the advanced forwarding toolkit (evo-aftmand) of Juniper Networks Junos OS Evolved allows unauthenticated network-based attackers to exploit improper checks for unusual conditions. The exploitation leads to the generation of continuous routing updates, resulting in the malfunctioning of unified list (unilist) ECMP routes. This may cause internal state corruption, particularly in large-scale ECMP unilist configurations, leading to the crashing of the evo-aftmand process. Recovery requires manual intervention, including rebooting the system or restarting the FPC.
Affected Version(s)
Junos OS Evolved PTX Series 24.4R2-EVO < 24.4R2-S3-EVO
Junos OS Evolved PTX Series 25.2 < 25.2R2, 25.2R2-EVO