PT-2026-21964 · Juniper Networks · Ptx Series+1

Mccaulay

·

Published

2026-02-25

·

Updated

2026-05-31

·

CVE-2026-21902

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Junos OS Evolved on PTX Series versions prior to 25.4R1-S1-EVO Junos OS Evolved on PTX Series versions prior to 25.4R2-EVO
Description An incorrect permission assignment for critical resources in the On-Box Anomaly detection framework allows an unauthenticated, network-based attacker to execute arbitrary code with root privileges. This framework is intended to be reachable only by internal processes via the internal routing instance, but a misconfiguration exposes it through an externally reachable port. Because the service is enabled by default and runs as root, a successful exploit can grant an attacker complete control over the device, potentially allowing for the interception of data flows and redirection of traffic.
Recommendations Update to versions 25.4R1-S1-EVO, 25.4R2-EVO, or 26.2R1-EVO. As a temporary workaround, disable the vulnerable service using the request pfe anomalies disable command. Restrict access to the vulnerable endpoints to trusted networks only by using firewall filters or Access Control Lists (ACLs).

Exploit

Fix

RCE

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-02527
CVE-2026-21902

Affected Products

Junos Evolved
Ptx Series