Impact
A Time-of-check Time-of-use race condition in Junos OS allows a local low-privileged user to trigger a line card reset by repeatedly running the 'show system firmware' CLI command. The vulnerability can cause an LC480 or LC2101 card to reboot, and after a short delay the chassis daemon may also crash and restart, producing a core dump. The impact is disruption of network services on the affected device, with possible loss of traffic paths and increased maintenance overhead.
Affected Systems
The issue affects Juniper Networks Junos OS on MX10k Series devices equipped with LC480 or LC2101 line cards. All software releases before 21.2R3-S10, and releases before 21.4R3-S9, before 22.2R3-S7, before 22.4R3-S6, before 23.2R2-S2, before 23.4R2-S3, and before 24.2R2 are vulnerable. The affected products are the MX10k Series chassis with the specified line cards running any Junos OS installation that matches these release ranges.
Risk and Exploitability
The CVSS score of 6.8 indicates moderate severity, while the EPSS score of less than 1% suggests low likelihood of exploitation in the wild at present. Since the vulnerability requires local low-privileged access and involves a race condition, an attacker must already have console or SSH access to the router's CLI. The vendor has not listed this as a Known Exploited Vulnerability, so no publicly available exploit has been confirmed. Nevertheless, the disruption potential warrants prompt remediation, particularly in environments where line card reliability is critical. If the device is exposed to an attacker who can run CLI commands, the local low-privileged user could repeatedly invoke the command to reset the line card or potentially destabilize the chassis.
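Because the trigger is repeated invocation of a single CLI command, command logging is a natural detection point until the device is upgraded. The following is an added example, not part of the advisory or any Juniper code: it flags users who run 'show system firmware' in bursts, assuming interactive-command logging is enabled and that log lines follow the UI_CMDLINE_READ_LINE shape shown. The hostname, user names, threshold and window are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed shape of a Junos interactive-commands syslog line (mgd, UI_CMDLINE_READ_LINE).
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d{2}:\d{2}:\d{2})\s+(?P<host>\S+)\s+mgd\[\d+\]:\s+"
    r"UI_CMDLINE_READ_LINE:\s+User '(?P<user>[^']+)',\s+command '(?P<cmd>[^']*)'"
)
# Heuristic: also match abbreviated forms such as "sh sys firm" and piped variants.
CMD_RE = re.compile(r"^sh\w*\s+sys\w*\s+firm\w*\b", re.IGNORECASE)

def find_bursts(lines, threshold=5, window=timedelta(seconds=60), year=2025):
    """Return sorted (host, user) pairs that ran the command at least
    `threshold` times within `window`. Lines must be in chronological order."""
    recent = defaultdict(deque)   # (host, user) -> timestamps inside the window
    flagged = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not CMD_RE.match(m["cmd"].strip()):
            continue
        # Classic syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[(m["host"], m["user"])]
        q.append(ts)
        while ts - q[0] > window:   # drop events that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add((m["host"], m["user"]))
    return sorted(flagged)

# Constructed sample log: one burst from 'noc-ro', ordinary use from 'ops'.
PREFIX = "mx10k-lab mgd[4211]: UI_CMDLINE_READ_LINE: User"
SAMPLE = [
    f"Mar 14 10:15:{s:02d} {PREFIX} 'noc-ro', command 'show system firmware '"
    for s in (1, 3, 5, 7, 9)
] + [
    f"Mar 14 10:16:00 {PREFIX} 'ops', command 'show system firmware | no-more '",
    f"Mar 14 10:16:05 {PREFIX} 'ops', command 'show chassis fpc '",
    f"Mar 14 13:00:00 {PREFIX} 'ops', command 'sh sys firm'",
]

if __name__ == "__main__":
    for host, user in find_bursts(SAMPLE):
        print(f"ALERT: {user}@{host} ran 'show system firmware' repeatedly")
```

Tune the threshold and window to the site's normal operational use of the command before alerting on it.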