This vulnerability allows unauthenticated attackers on the network to execute malicious code with root privileges, enabling full device takeover. Core network gear like this demands tight protection against such bypasses.
Vulnerability Details
Juniper Networks has clarified that the issue arises from wrong permission settings in the On-Box Anomaly Detection framework.
This tool spots odd network behavior but exposes a key weakness. Meant for internal use only, it sits on an external port by default, no config or login needed.
Attackers can remotely tweak it to run code as root, thereby seizing control. They could sniff traffic, tweak settings, or pivot deeper into networks.
It hits only the PTX Series on Junos OS Evolved versions 25.4 before 25.4R1-S1-EVO and 25.4R2-EVO. Standard Junos OS and earlier Evolved releases escape unscathed.
CVE Overview
| Detail | Information |
| CVE ID | CVE-2026-21902 |
| Severity | Critical |
| CVSS v3.1 Score | 9.8 |
| CVSS v4.0 Score | 9.3 |
| Affected Product | Junos OS Evolved (PTX Series) |
| Affected Versions | 25.4 before 25.4R1-S1-EVO, 25.4R2-EVO |
| Unaffected Versions | Junos OS Evolved before 25.4R1-EVO, Standard Junos OS |
| Attack Vector | Network (Remote) |
| Authentication | None Required |
| Impact | Code Execution as Root (Full Takeover) |
Juniper found this in internal tests; no wild exploits yet. But its simplicity demands quick fixes. Update to patched releases: 25.4R1-S1-EVO, 25.4R2-EVO, 26.2R1-EVO, or later. Check the official bulletin.
Can’t patch now? Block the service with ACLs or firewall rules allow only trusted sources. Or disable it via CLI: request pfe anomalies disable. This kills the exposure until you upgrade.
Network teams should scan for PTX routers, test patches in labs, and monitor logs for odd port hits. This flaw highlights risks in default-enabled services on backbone routers.
Follow us on Google News, LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google
The post Juniper PTX Routers at Risk as Critical Vulnerability Enables Full Device Takeover appeared first on Cyber Security News.
The Star Wars license saved the LEGO company from bankruptcy back in 1999, and LEGO…
Pick up Apple's flagship watch at an outstanding price just in time for Mother's Day.…
Pokémon scalpers are ensuring that fans can't even enjoy the little things in life, as…
It’s Star Wars Day, and to celebrate, I’ve rounded up some of the favorite deals…
Nielsen celebrated Star Wars Day 2026 with a breakdown of the galaxy-sized amount of content…
It’s May 4 — a date that happens to sound similar to “May the Force,”…
This website uses cookies.