Improper Condition Check in Juniper Networks QFX10000 Series Packet Forwarding Engine
CVE-2026-57020

7.1HIGH

Key Information:

Status
Vendor
CVE Published:
9 July 2026

Badges

👾 Exploit Exists

What is CVE-2026-57020?

A vulnerability exists in the packet forwarding engine of Juniper Networks' Junos OS on the QFX10000 Series, which allows an unauthenticated adjacent attacker to exploit this flaw. When IPv6 multicast traffic is sent to the non-IRB interface of a spine switch within an EVPN-VxLAN architecture, it may cause unintended packet flooding. This flooding results in an endless loop of packet forwarding to other spine switches and all associated Ethernet Segment Identifier leaf switches. The resultant saturation of network links can significantly disrupt legitimate traffic flow, leading to potential Denial-of-Service conditions.

Affected Version(s)

Junos OS QFX10000 Series 0 < 23.2R2-S7

Junos OS QFX10000 Series 23.4 < 23.4R2-S8

Junos OS QFX10000 Series 24.2 < 24.2R2-S4

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.