PatchSiren cyber security CVE debrief
CVE-2026-57029 Juniper Networks CVE debrief
A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service (DoS). When the reachability of an sFlow collector changes, the corresponding next-hop entry is updated. If this update occurs simultaneously with the sFlow thread accessing the next-hop data, it causes the evo-pfemand process to crash, impacting all traffic forwarding until the automatic process restart has completed.
- Vendor
- Juniper Networks
- Product
- Junos OS Evolved
- CVSS
- MEDIUM 6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Users of Juniper Networks Junos OS Evolved on QFX Series, particularly those with exposure to adjacent, unauthenticated networks, should assess and apply necessary updates to mitigate potential Denial-of-Service (DoS) attacks.
Technical summary
The vulnerability exists in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series. An adjacent, unauthenticated attacker can exploit this Missing Synchronization issue to cause a Denial-of-Service (DoS) by crashing the evo-pfemand process when the reachability of an sFlow collector changes and the sFlow thread accesses the next-hop data simultaneously. This issue affects Junos OS Evolved on QFX Series: all 23.2 versions, 23.4 versions before 23.4R2-S7-EVO, 24.2 versions before 24.2R2-S5-EVO, 24.4 versions before 24.4R2-S3-EVO, 25.2 versions before 25.2R2-EVO.
Defensive priority
Apply updates to affected Junos OS Evolved versions on QFX Series to prevent potential DoS attacks.
Recommended defensive actions
- Inventory and assess exposure of Juniper Networks Junos OS Evolved on QFX Series
- Apply updates for affected versions: 23.2, 23.4 before 23.4R2-S7-EVO, 24.2 before 24.2R2-S5-EVO, 24.4 before 24.4R2-S3-EVO, 25.2 before 25.2R2-EVO
- Monitor network traffic and system logs for signs of exploitation attempts
- Implement compensating controls such as network segmentation and access controls
- Review and apply Juniper Networks support portal references for additional guidance
- Track exceptions and retest remediated assets
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-09T22:17:08.453Z and was last modified on 2026-07-10T16:16:37.570Z. The NVD entry is currently Received. Evidence is limited to CVE and NVD data. Defenders should verify system configurations, review network traffic and system logs for signs of exploitation attempts, and apply updates for affected versions.
Official resources
-
CVE-2026-57029 CVE record
CVE.org
-
CVE-2026-57029 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:08.453Z and has not been modified since then. The NVD entry is currently Received.