CVE-2026-33775

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If the authentication packet-type option is...

CVE-2026-33785

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, ca...

CVE-2026-33785 Junos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CSDS scenario

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, ca...

CVE-2026-33775

CVE-2026-33775 describes a memory leak (Missing Release of Memory after Effective Lifetime) in Juniper Junos OS MX Series bbe-smgd that can be triggered by a mismatch between configured and received packet types. An adjacent, unauthenticated attacker may cause a DoS by exhausting heap memory, aft...

CVE-2026-33775 Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If the authentication packet-type option is...

CVE-2025-21594

An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe packet forwarding engine of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service DoS. In a DS-Lite Dual-Stack Lite and NAT Network Address Translation scenario...

PT-2025-15867 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions 21.4 prior to 21.4R3-S8 Junos OS versions 22.2 prior to 22.2R3-S4 Junos OS versions 22.4 prior to 22.4R3-S5 Junos OS versions 23.2 prior to 23.2R2-S2 Junos OS versions 23.4 prior to 23.4R...

The vulnerability of the Juniper Networks Junos OS router series MX devices, specifically the “beb-smgd” controller demon, allows a hacker to cause a service failure.

The vulnerability of the Juniper Networks Junos OS router series MX devices, specifically those belonging to the Border Gateway Service Management Device bbe-smgd module, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service...

CVE-2024-39550

A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause which can be done by repeated port flaps to cause a slow memory leak, ultimate...

CVE-2024-39542

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a...

CVE-2024-30378

A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon bbe-smgd to crash upon execution of specific CLI commands, creating a Denial of Service DoS condition. The...

PT-2024-2887

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 21.4R3 through 21.4R3-S5 Juniper Networks Junos OS versions 22.2R2 through 22.2R3-S2 Juniper Networks Junos OS versions 22.3R1 through 22.3R2-S2 Juniper Networks Junos OS versions 22.3R3 through 22.3R3-S1...

CVE-2024-21607

An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker to cause partial impact to the integrity of the device. If the "tcp-reset" option is added to the "reject" action in an IPv6 filter which...

PT-2024-1135 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 20.4R3-S9 Juniper Networks Junos OS on MX Series version 21.2 versions prior to 21.2R3-S7 Juniper Networks Junos OS on MX Series version 21.3 versions prior to 21.3R3-S5 Juniper Network...

CVE-2023-44199

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. On Junos MX Series platforms with Precision Time Protocol PTP...

CVE-2023-36841

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service DoS. An attacker who sends malformed TCP...

PT-2023-6130 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 20.4R3-S4 Juniper Networks Junos OS on MX Series version 21.1R1 and later versions Juniper Networks Junos OS on MX Series versions prior to 21.2R3-S2 Juniper Networks Junos OS on MX...

The vulnerability of the Aggregated Multiservices (AMS) interface of Juniper Networks’ Junos operating system in Junos MX devices allows a attacker to cause service failure.

The vulnerability of the Aggregated Multiservices AMS interface of Juniper Networks’ Junos operating system for MX devices is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Juniper Junos OS Vulnerability (JSA10892)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA10892 advisory. - On MX Series and M120/M320 platforms configured in a Broadband Edge BBE environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be...

CVE-2023-36850

An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault ManagementCFM module of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an adjacent attacker on the local broadcast domain to cause a Denial of ServiceDoS...