Denial-of-Service Vulnerability in Juniper Networks Junos OS Routing Protocol Daemon
CVE-2026-33801

7.1HIGH

Key Information:

Vendor
CVE Published:
9 July 2026

Badges

👾 Exploit Exists

What is CVE-2026-33801?

A vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to trigger a Denial-of-Service (DoS) condition. This occurs when a specifically malformed BGP update is sent over an established BGP session, causing the RPD to crash and restart. The service outage will persist until routing reconverges, and this issue impacts certain versions of the software, highlighting the importance of timely updates to ensure network security.

Affected Version(s)

Junos OS 25.2 < 25.2R2

Junos OS Evolved 25.2 < 25.2R2-EVO

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.