PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-33774 Juniper Networks CVE debrief

CVE-2026-33774 is an Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series. This vulnerability allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. The issue arises on MX platforms with specific line cards (MPC10, MPC11, LC4800, or LC9600) and MX304, where firewall filters applied on a loopback interface (lo0.n, where n is a non-0 number) do not get executed when lo0.n is in the global VRF / default routing-instance.

Vendor
Juniper Networks
Product
Junos OS
CVSS
MEDIUM 6.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-09
Original CVE updated
2026-07-08
Advisory published
2026-04-09
Advisory updated
2026-07-08

Who should care

Network administrators and security teams managing Juniper Networks Junos OS on MX Series devices should be aware of this vulnerability. The vulnerability can be exploited by an unauthenticated, network-based attacker, which could lead to unauthorized access to the control-plane of the device.

Technical summary

The vulnerability is caused by an improper check for unusual or exceptional conditions in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series. This allows an attacker to bypass configured firewall filters and access the control-plane of the device. The issue is specific to certain line cards (MPC10, MPC11, LC4800, or LC9600) and the MX304 platform. The vulnerability can be observed with the CLI command 'show firewall counter filter <filter_name>' not showing any matches.

Defensive priority

High

Recommended defensive actions

  • Apply the latest security patches for Juniper Networks Junos OS on MX Series devices.
  • Restrict access to the control-plane of the device.
  • Monitor firewall filter configurations and counts.
  • Verify loopback interface configurations and routing instances.
  • Implement compensating controls to detect and prevent unauthorized access.

Evidence notes

The CVE record was published on 2026-04-09T22:16:25.803Z and was last modified on 2026-07-08T03:20:40.993Z. The NVD entry is currently Analyzed. Evidence is limited to public CVE and NVD information. Defenders should verify the configuration and impact of Juniper Networks Junos OS on MX Series devices, specifically checking for affected line cards and loopback interface configurations. Additional verification tasks may be necessary to confirm the scope of potential exposure.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-09T22:16:25.803Z and has not been modified since then. The NVD entry is currently Analyzed.