Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).

When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.

This issue affects Junos OS on SRX1600, SRX2300 and SRX4300:

* 24.4 versions before 24.4R1-S3, 24.4R2.

This issue does not affect Junos OS versions before 24.4R1.

Published: 2026-04-09
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

An improper check for unusual or exceptional conditions in the chassis control daemon (chassisd) allows a local attacker with low privileges to execute a specific 'show chassis' command that causes the daemon to crash and restart. The crash results in a momentary loss of all network traffic until the system fully recovers, effectively creating a denial of service. The weakness is classified as CWE-754 (Improper Check for Unusual or Exceptional Conditions).

Affected Systems

The vulnerability affects Juniper Networks Junos OS running on SRX1600, SRX2300 and SRX4300 platforms. Junos OS 24.4 versions before 24.4R1-S3 and 24.4R2 are impacted; releases 24.4R1-S3, 24.4R2, 25.2R1 and later address the issue. Junos OS releases before 24.4R1 are not affected.
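
Added example (not part of the OpenCVE record or Juniper's advisory): a fleet-triage helper that applies the release boundaries stated above to an inventory of model/version pairs. The hostnames and inventory rows are constructed, and the function names are illustrative.

```python
import re

# Platforms and release boundaries taken from the advisory text on this page.
AFFECTED_MODELS = {"SRX1600", "SRX2300", "SRX4300"}
AFFECTED_TRAIN = (24, 4)   # only the 24.4 train is listed as affected
FIRST_AFFECTED = (1, 0)    # 24.4R1
FIRST_FIXED = (1, 3)       # 24.4R1-S3; 24.4R2 and later compare higher

# Junos release string: <major>.<minor>R<release>[-S<service>][.<build>]
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$", re.I)

def parse_junos(version):
    """Return ((major, minor), (release, service)) or None if unparseable."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor)), (int(rel), int(svc or 0))

def triage(model, version):
    """Classify one device against the advisory's affected range."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not-applicable"      # platform not named in the advisory
    parsed = parse_junos(version)
    if parsed is None:
        return "review"              # odd build string: check by hand
    train, release = parsed
    if train < AFFECTED_TRAIN or (train == AFFECTED_TRAIN and release < FIRST_AFFECTED):
        return "not-affected"        # releases before 24.4R1
    if train == AFFECTED_TRAIN and release < FIRST_FIXED:
        return "affected"            # 24.4R1 up to, not including, 24.4R1-S3
    return "fixed"                   # 24.4R1-S3, 24.4R2, 25.2R1 and later

# Constructed sample inventory: (hostname, model, version string).
INVENTORY = [
    ("fw-edge-01", "SRX1600", "24.4R1-S2.5"),
    ("fw-edge-02", "SRX2300", "24.4R1-S3.4"),
    ("fw-core-01", "SRX4300", "24.4R2.7"),
    ("fw-dc-01", "SRX4300", "24.4R1.9"),
    ("fw-dc-02", "SRX1600", "25.2R1.8"),
    ("fw-lab-01", "SRX4300", "23.4R2-S4.11"),
    ("fw-br-01", "SRX345", "24.4R1.9"),
]

def triage_inventory(rows):
    """Map hostname -> triage result for every inventory row."""
    return {host: triage(model, version) for host, model, version in rows}

if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as `review` carry a version string the parser does not recognise and need a manual check against the vendor's fixed-release list.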

Risk and Exploitability

The CVSS score of 6.8 classifies this as a moderate severity vulnerability. No EPSS score is available, and it is not listed in CISA’s KEV catalog. The attack vector is local, requiring the attacker to have low‑privilege access to the device’s command line. Once the vulnerable command is executed, the impact is immediate and affects the entire device’s operation. The lack of an EPSS score means typical exploitation likelihood cannot be quantified, but the moderate score and local nature suggest that an attacker who has gained foothold on the device could reliably cause a denial of service.

Generated by OpenCVE AI on April 9, 2026 at 22:22 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: 24.4R1-S3, 24.4R2, 25.2R1, and all subsequent releases.


Vendor Workaround

Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators. Utilize CLI authorization to disallow execution of the 'show chassis' command.


OpenCVE Recommended Actions

  • Upgrade Junos OS to a fixed release (24.4R1-S3, 24.4R2, 25.2R1 or later).
  • If a patch cannot be applied immediately, limit CLI access to trusted hosts and administrators by configuring access lists or firewall filters.
  • Disable the 'show chassis' command for non‑privileged users using CLI authorization.
  • Monitor the device for attempts to execute the vulnerable command and verify that the firmware has been updated.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Juniper
Juniper junos
Juniper srx1600
Juniper srx2300
Juniper srx4300
CPEs cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
Vendors & Products Juniper
Juniper junos
Juniper srx1600
Juniper srx2300
Juniper srx4300

Mon, 13 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Juniper Networks
Juniper Networks junos Os
Vendors & Products Juniper Networks
Juniper Networks junos Os

Thu, 09 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1600, SRX2300 and SRX4300: * 24.4 versions before 24.4R1-S3, 24.4R2. This issue does not affect Junos OS versions before 24.4R1.
Title Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes
Weaknesses CWE-754
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M'}


MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-04-13T18:06:20.220Z

Reserved: 2026-03-23T19:46:13.670Z

Link: CVE-2026-33786

Vulnrichment

Updated: 2026-04-13T17:58:46.579Z

NVD

Status: Analyzed

Published: 2026-04-09T22:16:28.193

Modified: 2026-04-17T17:14:39.240

Link: CVE-2026-33786

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:28:14Z
