PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57019 Juniper Networks CVE debrief

CVE-2026-57019 is an Improper Validation of Specified Quantity in Input vulnerability in Juniper Networks Junos OS on MX Series. An unauthenticated, adjacent attacker can cause a Denial-of-Service (DoS). The issue arises when a specific packet is received from a device in the same broadcast domain, causing the system to incorrectly calculate the packet size. This leads to further packet processing failures, triggering an FPC major error and resulting in an FPC reset that impacts traffic until the FPC automatically recovers. Affected scenarios include MAP-T or non-IP traffic encapsulated in IP (e.g., MPLS over GRE).

Vendor
Juniper Networks
Product
Junos OS
CVSS
HIGH 7.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Users of Juniper Networks Junos OS on MX Series should be aware of CVE-2026-57019, especially those with configurations involving MAP-T or non-IP traffic encapsulated in IP. The vulnerability can lead to Denial-of-Service (DoS) conditions, impacting network availability.

Technical summary

The vulnerability occurs in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series. When a specific packet is received from a device in the same broadcast domain, the system incorrectly calculates the packet size. This causes further packet processing to fail, triggering an FPC major error and resulting in an FPC reset. The issue affects traffic until the FPC has automatically recovered. Logs indicating the issue include CMError and reset-fru actions.

Defensive priority

High priority should be given to Juniper Networks Junos OS on MX Series users, especially those with configurations involving MAP-T or non-IP traffic encapsulated in IP. Immediate attention is required to prevent potential Denial-of-Service (DoS) conditions.

Recommended defensive actions

  • Inventory and assess Juniper Networks Junos OS on MX Series configurations for potential exposure.
  • Apply patches or updates as recommended by Juniper Networks to address CVE-2026-57019.
  • Implement compensating controls such as monitoring for unusual traffic patterns or FPC resets.
  • Review network configurations to ensure they do not expose vulnerable systems to adjacent attackers.
  • Consider temporarily disabling affected configurations if immediate patching is not feasible.

Evidence notes

The CVE record was published on 2026-07-09T22:17:06.707Z and has been modified. The NVD entry is currently under review. Official references from Juniper Networks and CVE.org are available. Evidence is limited to public sources and may not reflect all affected configurations or potential impacts. Defenders should verify system configurations and apply patches or updates as recommended by Juniper Networks to address CVE-2026-57019.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:06.707Z and has not been modified since then.