PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57022 Juniper Networks CVE debrief

CVE-2026-57022 is a Denial-of-Service vulnerability in Juniper Networks Junos OS on MX with SPC3 and SRX Series. An unauthenticated, network-based attacker can cause a PFE crash and restart, affecting all services until the system recovers. The vulnerability is caused by an Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (PFE). This issue can happen in various scenarios, including ALG, SSL proxy, UTM, RTLOG, AppQoE probing, AAMW, ICAP, and URL filtering.

Vendor
Juniper Networks
Product
Junos OS
CVSS
HIGH 8.2
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Users of Juniper Networks Junos OS on MX with SPC3 and SRX Series should apply patches to prevent Denial-of-Service attacks. System administrators and security teams responsible for Juniper Networks devices should review the vulnerability details and assess their exposure.

Technical summary

The Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX with SPC3 and SRX Series has an Improper Check for Unusual or Exceptional Conditions vulnerability. This allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) by initiating a TCP connection to an attacker-controlled system that responds with a specific packet, causing a PFE crash and restart. The vulnerability affects Junos OS on MX Series with SPC3, SRX5k Series with SPC3, SRX1600 Series, SRX2300 Series, SRX4000 Series, and vSRX Series.

Defensive priority

High priority for Juniper Networks Junos OS on MX with SPC3 and SRX Series users.

Recommended defensive actions

  • Apply patches for affected Junos OS versions
  • Restrict network access to PFE
  • Monitor system logs for suspicious activity
  • Review compensating controls for exposed systems
  • Check relevant monitoring, detection, and logs for exposed assets
  • Track exceptions and retest remediated assets
  • Verify system configurations and review logs for potential exploitation attempts

Evidence notes

The CVE record was published on 2026-07-09T22:17:07.233Z and was last modified on 2026-07-10T15:16:44.490Z. The NVD entry is currently Received. The vulnerability affects Juniper Networks Junos OS on MX with SPC3 and SRX Series. Evidence is limited to CVE and NVD details. Defenders should verify system configurations and review logs for potential exploitation attempts.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:07.233Z and has not been modified since then. The NVD entry is currently Received.