PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57032 Juniper Networks CVE debrief

CVE-2026-57032 is an Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices. An authenticated attacker with low privileges can cause a Denial-of-Service (DoS) by attempting to subscribe to an unsupported telemetry sensor path via gRPC, causing the FPC to crash and leading to a complete service outage until the module has automatically restarted.

Vendor
Juniper Networks
Product
Junos OS
CVSS
HIGH 7.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Users of Juniper Networks Junos OS on EX Series devices, particularly those using EX2300, EX3400, EX4000, EX4100, and EX4400 devices with versions before 23.2R2-S7, 23.4 versions before 23.4R2-S8, 24.2 versions before 24.2R2-S5, and 24.4 versions before 24.4R2, should be aware of this vulnerability and take steps to mitigate it.

Technical summary

The vulnerability exists in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices. An authenticated attacker with low privileges can cause a Denial-of-Service (DoS) by attempting to subscribe to an unsupported telemetry sensor path via gRPC. This causes the Forwarding Processing Card (FPC) to crash, leading to a complete service outage until the module has automatically restarted. The issue affects specific versions of Junos OS on EX2300, EX3400, EX4000, EX4100, and EX4400 devices.

Defensive priority

High priority should be given to patching or mitigating this vulnerability, as it allows for a Denial-of-Service (DoS) attack with low privileges.

Recommended defensive actions

  • Apply the necessary patches or updates to Junos OS on affected EX Series devices.
  • Restrict access to the gRPC interface to only trusted users and networks.
  • Monitor system logs for attempts to subscribe to unsupported telemetry sensor paths.
  • Consider implementing compensating controls, such as rate limiting or IP blocking, to mitigate potential attacks.
  • Review network configurations to ensure that only necessary services are exposed.
  • Implement additional monitoring to detect potential exploitation attempts.
  • Verify that all affected devices have been patched or mitigated.

Evidence notes

The CVE record was published on 2026-07-09T22:17:09.007Z and was last modified on 2026-07-10T15:16:45.590Z. The NVD entry is currently Received. The vulnerability affects Junos OS on EX2300, EX3400, EX4000, EX4100, and EX4400 devices with specific version ranges.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:09.007Z and has not been modified since then. The NVD entry is currently Received.