FKIE_CVE-2026-33783
Vulnerability from fkie_nvd - Published: 2026-04-09 22:16 - Updated: 2026-04-17 18:27
Severity
Summary
A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS).
If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured.
This issue affects Junos OS Evolved on PTX Series:
* all versions before 22.4R3-S9-EVO,
* 23.2 versions before 23.2R2-S6-EVO,
* 23.4 versions before 23.4R2-S7-EVO,
* 24.2 versions before 24.2R2-S4-EVO,
* 24.4 versions before 24.4R2-S2-EVO,
* 25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA107870 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9925263-E7B7-49AA-8271-AF320F355B80",
"versionEndExcluding": "22.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "72A89D1E-9EA4-4959-9F54-84F1F99A4ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "01980CDF-A5CE-480D-BCED-BD5E29E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "BA6ECC3B-657C-4475-95B0-1FD18B076BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "9A903B31-D9E5-43FA-B09F-7E7769803720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "E23BEA27-77F8-4CDF-A49A-FEF9C33DA513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "6DD20427-FB6A-46CE-B20F-D62CCC9B4A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "E779C0D4-A8F7-4976-B3C8-B9802B96E715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "C7457415-D893-474B-ABA6-9841BB5CC6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "3EFB8038-F336-4038-9AEA-C24253FAD578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "080BEA58-9667-4C2C-810D-DC1187DB67DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "34072A94-CFEB-4FAA-8E68-E98D4F7602E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C79FF7EC-AD91-4F9F-B8AC-B1A9C9271816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "7C61DC50-CAB6-4197-90C8-A2B48EE8F761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:-:*:*:*:*:*:*",
"matchCriteriaId": "B32ADA05-5F5D-45B6-BB7B-3FA6A6F229F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "D6526E82-A6A6-4A65-9B01-B3FCB947F44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CF3B74FA-DF84-4E3E-BCF9-44EEF9E45910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "DC024CDE-DA63-4E87-BA97-5E8C06B0D8B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "25DA0DD2-E974-448C-BD05-ED6FCA4725FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "C5F6F47F-0C86-4554-8517-A6A0CD29B3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:25.2:-:*:*:*:*:*:*",
"matchCriteriaId": "DAF96553-DB70-4DFA-8658-306A7477DD06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:25.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "83C415EF-E87B-4259-A836-59B3A9C3914B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:25.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "AFD32E67-9D8D-437D-96BC-CA97A1F686BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:25.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "EB843A79-1B1C-4638-96B9-F1F191F1F75F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ptx10001-36mr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C188428C-0558-44FB-845C-E885DE9A0733",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10002-36qdd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F805FE65-289B-404D-87A3-289A4A9AC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD05415-9F94-4EB8-805A-C9C0FFA9D0DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C432E543-37F5-4CA0-B239-2B97C6A16907",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A64A26-4606-4D33-8958-5A3B7FFC4CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1879799F-18B2-4958-AA90-FD19348C889F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx12008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90D4D075-6304-47C8-8F2C-6F5DB4617DBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS).\n\n\nIf colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn\u0027t restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured.\n\n\nThis issue affects Junos OS Evolved on PTX Series:\u00a0\n\n\n\n * all versions before 22.4R3-S9-EVO,\n * 23.2 versions before 23.2R2-S6-EVO,\n * 23.4 versions before 23.4R2-S7-EVO,\n * 24.2 versions before 24.2R2-S4-EVO,\n * 24.4 versions before 24.4R2-S2-EVO,\n * 25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO."
}
],
"id": "CVE-2026-33783",
"lastModified": "2026-04-17T18:27:14.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2026-04-09T22:16:27.590",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA107870"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-686"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…