CVE-2026-21906 Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash

🗓️ 15 Jan 2026 20:20:32Reported by juniperType

Unauthenticated attacker can crash SRX PFE via ICMP over GRE with PowerMode IPsec, causing traffic loss.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-21906	15 Jan 202620:20	–	attackerkb
Circl	CVE-2026-21906	15 Jan 202621:46	–	circl
CNNVD	Juniper Networks Junos OS security vulnerabilities	15 Jan 202600:00	–	cnnvd
CVE	CVE-2026-21906	15 Jan 202620:20	–	cve
EUVD	EUVD-2026-2698	15 Jan 202620:20	–	euvd
NCSC	Vulnerabilities fixed in Juniper Networks JunOS	16 Jan 202610:07	–	ncsc
NVD	CVE-2026-21906	15 Jan 202621:16	–	nvd
OSV	CVE-2026-21906	15 Jan 202621:16	–	osv
Positive Technologies	PT-2026-3120	15 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-21906	16 Jan 202621:33	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R3-S12",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3-S8",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2-S5",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2-S5",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2-S3",
        "status": "affected",
        "version": "24.2",
        "versionType": "semver"
      },
      {
        "lessThan": "24.4R2-S1",
        "status": "affected",
        "version": "24.4",
        "versionType": "semver"
      },
      {
        "lessThan": "25.2R1-S1, 25.2R2",
        "status": "affected",
        "version": "25.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA106005
juniper	www.juniper.net/documentation/us/en/software/junos/vpn-ipsec/topics/topic-map/security-powermode-ipsec-vpn.html
kb	www.kb.juniper.net/JSA106005

15 Jan 2026 20:20Current

CVSS 3.17.5

CVSS 48.7

EPSS0.00016

CWE-755