Improper Input Validation in Juniper Networks Junos OS TCP Proxy Plugin
CVE-2026-57023
8.7HIGH
What is CVE-2026-57023?
An input validation flaw in the TCP proxy plugin of Juniper Networks' Junos OS could allow an unauthenticated network attacker to disrupt service by triggering a crash in the flow processing daemon during flow sessions. This issue occurs when a specifically malformed TCP packet is processed, leading to a complete Denial of Service (DoS) until the system recovers automatically. Devices running on affected versions of Junos OS are at risk of significant disruption, particularly when security features like ALGs, Advanced Anti-Malware, ICAP or UTM are enabled.
Affected Version(s)
Junos OS SRX Series 23.4 < 23.4R2-S7
Junos OS SRX Series 24.2 < 24.2R2-S4
Junos OS SRX Series 24.4 < 24.4R2-S3