CVE-2026-33793

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S7 Junos OS versions 23.2 through 23.2R2-S4 Junos OS versions 23.4 through 23.4R2-S6 Junos OS versions 24.2 through 24.2R1-S2, 24.2R2 Junos OS versions 24.4 through 24.4R1-S2, 24.4R2 Junos OS Evolved versions prior to 22.4R3-S7-EVO Junos OS Evolved versions 23.2 through 23.2R2-S4-EVO Junos OS Evolved versions 23.4 through 23.4R2-S6-EVO Junos OS Evolved versions 24.2 through 24.2R2-EVO Junos OS Evolved versions 24.4 through 24.4R1-S1-EVO, 24.4R2-EVO

Description An Execution with Unnecessary Privileges issue exists in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved. A local, low-privileged attacker can gain root privileges, potentially compromising the system. This occurs when a configuration allows unsigned Python op scripts, enabling a non-root user to execute malicious scripts with root-equivalent privileges, leading to privilege escalation.

Recommendations Update Junos OS to version 22.4R3-S7 or later. Update Junos OS to version 23.2R2-S4 or later. Update Junos OS to version 23.4R2-S6 or later. Update Junos OS to version 24.2R1-S2 or 24.2R2 or later. Update Junos OS to version 24.4R1-S2 or 24.4R2 or later. Update Junos OS Evolved to version 22.4R3-S7-EVO or later. Update Junos OS Evolved to version 23.2R2-S4-EVO or later. Update Junos OS Evolved to version 23.4R2-S6-EVO or later. Update Junos OS Evolved to version 24.2R2-EVO or later. Update Junos OS Evolved to version 24.4R1-S1-EVO or 24.4R2-EVO or later.