The vulnerability is a Missing Authentication for Critical Function flaw in Juniper Networks Junos OS. It allows a privileged local attacker to issue commands that bypass required authentication, which results in root access on the Linux-based Forwarding Plane Card. As root, the attacker could alter the FPC environment or affect packet forwarding, thereby compromising the device’s confidentiality, integrity, and availability. The weakness is classified as CWE-306.

The flaw targets Juniper Networks Junos OS devices that incorporate Linux‑based line cards. Impacted line cards are MPC7, MPC8, MPC9, MPC10, MPC11, LC2101, LC2103, LC480, LC4800, LC9600, MX304 (built‑in FPC), MX‑SPC3, SRX5K‑SPC3, EX9200‑40XS, FPC3‑PTX‑U2, FPC3‑PTX‑U3, FPC3‑SFF‑PTX, LC1101, LC1102, LC1104, and LC1105. All Junos OS releases prior to 22.4R3‑S8, before 23.2R2‑S6, before 23.4R2‑S6, before 24.2R2‑S3, before 24.4R2, and before 25.2R2 are vulnerable; newer releases contain the fix.

The CVSS score of 8.4 indicates high severity, while the EPSS score of less than 1 % points to a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attacker needs local privileged access, typically through console or authenticated SSH, to issue commands that bypass authentication and gain root on the FPC. The local nature of the attack coupled with the resulting full root on a critical component means that, once an attacker can run privileged commands, the threat vector can lead directly to compromise of device configuration and forwarding behaviour.