CVE-2026-21920

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series versions 23.4 before 23.4R2-S5 Juniper Networks Junos OS on SRX Series versions 24.2 before 24.2R2-S1 Juniper Networks Junos OS on SRX Series versions 24.4 before 24.4R2

Description An unchecked return value issue exists in the DNS module of Junos OS on SRX Series devices. An unauthenticated, network-based attacker can exploit this to cause a Denial-of-Service (DoS). Specifically, when an SRX Series device configured for DNS processing receives a specially crafted DNS request, the flowd process crashes and restarts, leading to a service interruption until the process recovers.

Recommendations Update Junos OS on SRX Series to version 23.4R2-S5 or later. Update Junos OS on SRX Series to version 24.2R2-S1 or later. Update Junos OS on SRX Series to version 24.4R2 or later.

Fix

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

CVE-2026-21920

Affected Products

Junos Srx Series

CVE-2026-21920

Weakness Enumeration

Related Identifiers

Affected Products

References · 6