CVE-2026-33803
Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
09/07/2026
Last modified:
09/07/2026
Description
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device.<br />
<br />
<br />
Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets.<br />
<br />
This issue affects Junos OS Evolved:<br />
<br />
<br />
* all versions before 23.2R2-S7-EVO,<br />
* 23.4 versions before 23.4R2-S8-EVO,<br />
* 24.2 versions before 24.2R2-S5-EVO,<br />
* 24.4 versions before 24.4R2-S4-EVO,<br />
* 25.2 versions before 25.2R2-S1-EVO,<br />
* 25.4 versions before 25.4R1-S2-EVO.
Impact
Base Score 4.0
6.90
Severity 4.0
MEDIUM
Base Score 3.x
6.50
Severity 3.x
MEDIUM



