PT-2026-21964 · Juniper Networks · Ptx Series+1
Mccaulay
·
Published
2026-02-25
·
Updated
2026-05-31
·
CVE-2026-21902
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Junos OS Evolved on PTX Series versions prior to 25.4R1-S1-EVO
Junos OS Evolved on PTX Series versions prior to 25.4R2-EVO
Description
An incorrect permission assignment for critical resources in the On-Box Anomaly detection framework allows an unauthenticated, network-based attacker to execute arbitrary code with root privileges. This framework is intended to be reachable only by internal processes via the internal routing instance, but a misconfiguration exposes it through an externally reachable port. Because the service is enabled by default and runs as root, a successful exploit can grant an attacker complete control over the device, potentially allowing for the interception of data flows and redirection of traffic.
Recommendations
Update to versions 25.4R1-S1-EVO, 25.4R2-EVO, or 26.2R1-EVO.
As a temporary workaround, disable the vulnerable service using the
request pfe anomalies disable command.
Restrict access to the vulnerable endpoints to trusted networks only by using firewall filters or Access Control Lists (ACLs).Exploit
Fix
RCE
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos Evolved
Ptx Series