PatchSiren cyber security CVE debrief
CVE-2026-57019 Juniper Networks CVE debrief
CVE-2026-57019 is an Improper Validation of Specified Quantity in Input vulnerability in Juniper Networks Junos OS on MX Series. An unauthenticated, adjacent attacker can cause a Denial-of-Service (DoS). The issue arises when a specific packet is received from a device in the same broadcast domain, causing the system to incorrectly calculate the packet size. This leads to further packet processing failures, triggering an FPC major error and resulting in an FPC reset that impacts traffic until the FPC automatically recovers. Affected scenarios include MAP-T or non-IP traffic encapsulated in IP (e.g., MPLS over GRE).
- Vendor
- Juniper Networks
- Product
- Junos OS
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Users of Juniper Networks Junos OS on MX Series should be aware of CVE-2026-57019, especially those with configurations involving MAP-T or non-IP traffic encapsulated in IP. The vulnerability can lead to Denial-of-Service (DoS) conditions, impacting network availability.
Technical summary
The vulnerability occurs in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series. When a specific packet is received from a device in the same broadcast domain, the system incorrectly calculates the packet size. This causes further packet processing to fail, triggering an FPC major error and resulting in an FPC reset. The issue affects traffic until the FPC has automatically recovered. Logs indicating the issue include CMError and reset-fru actions.
Defensive priority
High priority should be given to Juniper Networks Junos OS on MX Series users, especially those with configurations involving MAP-T or non-IP traffic encapsulated in IP. Immediate attention is required to prevent potential Denial-of-Service (DoS) conditions.
Recommended defensive actions
- Inventory and assess Juniper Networks Junos OS on MX Series configurations for potential exposure.
- Apply patches or updates as recommended by Juniper Networks to address CVE-2026-57019.
- Implement compensating controls such as monitoring for unusual traffic patterns or FPC resets.
- Review network configurations to ensure they do not expose vulnerable systems to adjacent attackers.
- Consider temporarily disabling affected configurations if immediate patching is not feasible.
Evidence notes
The CVE record was published on 2026-07-09T22:17:06.707Z and has been modified. The NVD entry is currently under review. Official references from Juniper Networks and CVE.org are available. Evidence is limited to public sources and may not reflect all affected configurations or potential impacts. Defenders should verify system configurations and apply patches or updates as recommended by Juniper Networks to address CVE-2026-57019.
Official resources
-
CVE-2026-57019 CVE record
CVE.org
-
CVE-2026-57019 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:06.707Z and has not been modified since then.