Description
An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

On EX4000 models with 48 ports (EX4000-48T, EX4000-48P, EX4000-48MP) a high volume of traffic destined to the device will cause an FXPC crash and restart, which leads to a complete service outage until the device has automatically restarted.

The following reboot reason can be seen in the output of 'show chassis routing-engine' and as a log message:

  reason=0x4000002 reason_string=0x4000002:watchdog + panic with core dump

This issue affects Junos OS on EX4000-48T, EX4000-48P and EX4000-48MP:

* 24.4 versions before 24.4R2,
* 25.2 versions before 25.2R1-S2, 25.2R2.

This issue does not affect versions before 24.4R1 as the first Junos OS version for the EX4000 models was 24.4R1.
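A defender-side triage helper, added here as an example and not part of the Juniper advisory or of OpenCVE's tooling: it parses Junos release strings, flags model/version pairs that fall inside the affected ranges above (an unlisted train such as 25.4R1 is treated as fixed, as the advisory states), and picks out log lines carrying the reboot reason quoted above. The sample log lines are constructed, not captured from a device.

```python
import re
from typing import Iterable, List, Tuple

# 48-port EX4000 models the advisory names as affected.
AFFECTED_MODELS = {"EX4000-48T", "EX4000-48P", "EX4000-48MP"}

# First fixed release per affected train, as (R number, S number).
# "25.2 versions before 25.2R1-S2, 25.2R2" means every 25.2 release that sorts
# below R1-S2 is vulnerable; R1-S2, later R1 service releases and R2 are fixed.
FIRST_FIXED = {
    (24, 4): (2, 0),  # 24.4R2
    (25, 2): (1, 2),  # 25.2R1-S2
}

# Reboot reason the advisory says appears in 'show chassis routing-engine' and in logs.
CRASH_REASON = "reason=0x4000002"

# major.minor R<release> [-S<service>] [.<build>], e.g. 24.4R1-S3 or 25.2R2.10
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$", re.IGNORECASE)

# Constructed sample log lines (not real device output); the second one carries the indicator.
SAMPLE_LOG = [
    "Jan 15 10:02:09 sw1 chassisd: routine interface state change",
    "Jan 15 10:02:11 sw1 kernel: reason=0x4000002 reason_string=0x4000002:watchdog + panic with core dump",
]


def parse_junos_version(version: str) -> Tuple[Tuple[int, int], Tuple[int, int]]:
    """Return (train, release): '25.2R1-S2' -> ((25, 2), (1, 2)).
    A release with no -S suffix sorts as S0, so 24.4R1-S3 < 24.4R2 as expected."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {version!r}")
    major, minor, release, service = m.groups()
    return (int(major), int(minor)), (int(release), int(service or 0))


def is_affected(model: str, version: str) -> bool:
    """True when this model/version pair falls inside the advisory's affected ranges."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return False
    train, release = parse_junos_version(version)
    first_fixed = FIRST_FIXED.get(train)
    if first_fixed is None:
        # Trains before 24.4 predate the platform; trains the advisory does not
        # list (for example 25.4R1) already carry the fix. Neither is flagged.
        return False
    return release < first_fixed


def crash_indicator_lines(log_lines: Iterable[str]) -> List[str]:
    """Return the log lines carrying the watchdog/panic reboot reason from the advisory."""
    return [line for line in log_lines if CRASH_REASON in line]
```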
Published: 2026-01-15
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch Now
AI Analysis

Impact

An uninitialized resource in the Internal Device Manager of Juniper Networks Junos OS on EX4000 models causes an FXPC crash and restart when the device receives a high volume of traffic aimed at it. The fault can be triggered by any unauthenticated network actor that sends sufficient traffic, resulting in a full service outage until the system restarts. The primary consequence is a Denial-of-Service that affects network availability for all services running on the device.

Affected Systems

Vulnerable devices are EX4000-48T, EX4000-48P, and EX4000-48MP switches running Juniper Networks Junos OS. Junos OS releases in the 24.4 train before 24.4R2 and in the 25.2 train before 25.2R1-S2 and 25.2R2 contain the flaw. Releases 24.4R2, 25.2R1-S2, 25.2R2, 25.4R1 and all subsequent releases are fixed. Releases before 24.4R1 are unaffected because 24.4R1 was the first Junos OS release for the EX4000 platform.

Risk and Exploitability

With a CVSS v4.0 score of 8.7 the vulnerability is rated high severity. The EPSS score is below 1%, indicating that exploitation likelihood is low at present, and the flaw is not listed in CISA's KEV catalog. Nevertheless, the flaw is network-based and requires no authentication, which means an attacker can cause a DoS by flooding the device with traffic. If triggered, the device will crash, restart, and cease to provide service until the reboot completes. Immediate remediation is required to prevent potential outages.

Generated by OpenCVE AI on April 18, 2026 at 05:57 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: 24.4R2, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.


Vendor Workaround

There are no known workarounds for this issue.


OpenCVE Recommended Actions

  • Upgrade the device to a patched Junos OS release (24.4R2, 25.2R1-S2, 25.2R2, 25.4R1, or later).
  • Reboot the device after the upgrade to ensure the crash condition is resolved.
  • Deploy traffic shaping or rate limiting on interfaces with high traffic to mitigate accidental overload.
  • Apply firewall or access control restrictions to limit traffic to the EX4000 from untrusted sources.


Tracking


Advisories

No advisories yet.

History

Fri, 23 Jan 2026 19:45:00 +0000

Type: First Time appeared
Values Added:
  Juniper
  Juniper ex4000-48mp
  Juniper ex4000-48p
  Juniper ex4000-48t
  Juniper junos

Type: Weaknesses
Values Added:
  CWE-665

Type: CPEs
Values Added:
  cpe:2.3:h:juniper:ex4000-48mp:-:*:*:*:*:*:*:*
  cpe:2.3:h:juniper:ex4000-48p:-:*:*:*:*:*:*:*
  cpe:2.3:h:juniper:ex4000-48t:-:*:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*
  cpe:2.3:o:juniper:junos:25.2:r2:*:*:*:*:*:*

Type: Vendors & Products
Values Added:
  Juniper
  Juniper ex4000-48mp
  Juniper ex4000-48p
  Juniper ex4000-48t
  Juniper junos

Fri, 16 Jan 2026 14:15:00 +0000

Type: First Time appeared
Values Added:
  Juniper Networks
  Juniper Networks junos Os

Type: Vendors & Products
Values Added:
  Juniper Networks
  Juniper Networks junos Os

Thu, 15 Jan 2026 21:15:00 +0000

Type: Metrics
Values Added:
  ssvc
  {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 15 Jan 2026 20:30:00 +0000

Type: Description
Values Added:
  (the advisory text shown under Description above)

Type: Title
Values Added:
  Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart

Type: Weaknesses
Values Added:
  CWE-1419

Type: References
Values Added:
  (none listed)

Type: Metrics
Values Added:
  cvssV3_1
  {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

  cvssV4_0
  {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M'}


MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-01-15T20:45:02.652Z

Reserved: 2026-01-05T17:32:48.710Z

Link: CVE-2026-21913

Vulnrichment

Updated: 2026-01-15T20:44:59.188Z

NVD

Status : Analyzed

Published: 2026-01-15T21:16:07.537

Modified: 2026-01-23T19:40:56.563

Link: CVE-2026-21913

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T06:00:08Z

Weaknesses