Breaking
Take-Two CEO Explains Why GTA 6 Isn’t Coming to PC on Day One
DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates
DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates
Every LEGO Millennium Falcon from 2000 to Today
Get an Apple Watch Ultra for Just $299 at Amazon
Pokémon Scalpers Are Now Reselling Limited Edition Pop-Tarts
Today’s Top Deals: Star Wars Day Discounts on LEGO, Video Games, Must-Have Collectibles, and More
Star Wars Streaming Ratings Reveal the Top 10 Shows and Movies from May the 4th 2025
All of the Star Wars Sales for May the 4th 2026
The New Mandalorian & Grogu Popcorn Bucket at Walmart Includes a Free Movie Ticket
4 May 2026, Mon
Launch Your Site in 5 Minutes
Cyber Security News

Juniper PTX Routers at Risk as Critical Vulnerability Enables Full Device Takeover

By rssfeeds-admin No Comments
Juniper Networks released an urgent critical security bulletin for a severe flaw in its PTX Series routers running Junos OS Evolved.

This vulnerability allows unauthenticated attackers on the network to execute malicious code with root privileges, enabling full device takeover. Core network gear like this demands tight protection against such bypasses.

Vulnerability Details

Juniper Networks has clarified that the issue arises from wrong permission settings in the On-Box Anomaly Detection framework.

This tool spots odd network behavior but exposes a key weakness. Meant for internal use only, it sits on an external port by default, no config or login needed.

Attackers can remotely tweak it to run code as root, thereby seizing control. They could sniff traffic, tweak settings, or pivot deeper into networks.

It hits only the PTX Series on Junos OS Evolved versions 25.4 before 25.4R1-S1-EVO and 25.4R2-EVO. Standard Junos OS and earlier Evolved releases escape unscathed.

CVE Overview

DetailInformation
CVE IDCVE-2026-21902
SeverityCritical
CVSS v3.1 Score9.8
CVSS v4.0 Score9.3
Affected ProductJunos OS Evolved (PTX Series)
Affected Versions25.4 before 25.4R1-S1-EVO, 25.4R2-EVO
Unaffected VersionsJunos OS Evolved before 25.4R1-EVO, Standard Junos OS
Attack VectorNetwork (Remote)
AuthenticationNone Required
ImpactCode Execution as Root (Full Takeover)

Juniper found this in internal tests; no wild exploits yet. But its simplicity demands quick fixes. Update to patched releases: 25.4R1-S1-EVO, 25.4R2-EVO, 26.2R1-EVO, or later. Check the official bulletin.

Can’t patch now? Block the service with ACLs or firewall rules allow only trusted sources. Or disable it via CLI: request pfe anomalies disable. This kills the exposure until you upgrade.

Network teams should scan for PTX routers, test patches in labs, and monitor logs for odd port hits. This flaw highlights risks in default-enabled services on backbone routers.

Follow us on Google NewsLinkedIn and X to Get More Instant UpdatesSet Cyberpress as a Preferred Source in Google

The post Juniper PTX Routers at Risk as Critical Vulnerability Enables Full Device Takeover appeared first on Cyber Security News.

Discover more from RSS Feeds Cloud

Subscribe to get the latest posts sent to your email.

By rssfeeds-admin

Related Posts

Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

rssfeeds-admin
Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

rssfeeds-admin
Cyber Security News

MSSPs Face Rising Alert Fatigue as False Positives Drain Analyst Time and Resources

rssfeeds-admin

You Missed

IGN

Take-Two CEO Explains Why GTA 6 Isn’t Coming to PC on Day One

Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

IGN

Every LEGO Millennium Falcon from 2000 to Today

Discover more from RSS Feeds Cloud

Subscribe now to keep reading and get access to the full archive.

Continue reading