Junos OS Evolved: Out-of-cycle update closes code smuggling vulnerability
Critical vulnerability in Junos OS Evolved on PTX series from Juniper Networks. An unscheduled update closes it.
(Image: anystock/Shutterstock.com)
In the Junos OS Evolved operating system from Juniper Networks PTX series, developers have discovered a critical security vulnerability. It is so severe that the manufacturer has decided to release an update outside the usual cycle.
According to the Juniper Networks security advisory, the vulnerability allows unauthenticated attackers from the network to execute arbitrary code as root user. “An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as 'root',” the developers write for classification (CVE-2026-21902, CVSS 9.8, Risk “critical”).
The anomaly detection of the appliances should actually only be accessible by internal processes via internal routing instances, but not via externally accessible interfaces. With the ability to access and manipulate the service, causing code to be executed as root, attackers from the internet can gain complete control over affected devices, Juniper Networks further explains. The service is also active by default; it does not require any special configuration. So far, Juniper has no reports of malicious exploitation of the security vulnerability. It was discovered during internal tests.
Critical leak in Junos OS Evolved: Affected versions
According to the security advisory, Junos OS Evolved 25.4 on the PTX device series before versions 25.4R1-S1-EVO and 25.4R2-EVO is impacted by the vulnerability. However, versions prior to 25.4R1-EVO do not contain the vulnerability, according to the developers. IT managers should quickly download and install the available updated firmware. Those who cannot do this immediately can disable the service with the command request pfe anomalies disable or restrict access to trusted networks and computers using access lists or firewalls, Juniper suggests.
Videos by heise
Most recently, Juniper Networks distributed planned updates in mid-January. In total, the manufacturer published 26 new security warnings for available updates there.
(dmk)
