Back to KEVs

CVE-2026-21902

Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root

Basic Information

CVE State
PUBLISHED
Reserved Date
January 05, 2026
Published Date
February 25, 2026
Last Updated
March 04, 2026
Vendor
Juniper Networks
Product
Junos OS Evolved
Description
An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root. The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device. Please note that this service is enabled by default as no specific configuration is required. This issue affects Junos OS Evolved on PTX Series: * 25.4 versions before 25.4R1-S1-EVO, 25.4R2-EVO. This issue does not affect Junos OS Evolved versions before 25.4R1-EVO. This issue does not affect Junos OS.

CVSS Scores

CVSS v4.0

9.3 - CRITICAL

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M/U:Red

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
poc
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2026-03-19 00:00:00 UTC) Source

References

https://supportportal.juniper.net/JSA107128 https://kb.juniper.net/JSA107128

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2026-03-19 00:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel