Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).

When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.



This issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600: 



* 23.2 versions before 23.2R2-S6,
* 23.4 versions before 23.4R2-S7
* 24.2 versions before 24.2R2-S2,
* 24.4 versions before 24.4R2,
* 25.2 versions before 25.2R1-S1, 25.2R2.
Published: 2026-04-09
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is located in the chassis control daemon of Junos OS on SRX1500, SRX4100, SRX4200, and SRX4600 routers. A local attacker with low‑privilege access can run a specific 'show chassis' command from the CLI, triggering an improper check for unusual conditions in the daemon. When executed, the daemon crashes and automatically restarts, producing a temporary but complete denial of service as all device modules are brought back online. The weakness is classified as CWE‑754.

Affected Systems

Affected devices are Juniper SRX1500, SRX4100, SRX4200, and SRX4600 running Junos OS 23.2 versions older than 23.2R2‑S6, 23.4 versions older than 23.4R2‑S7, 24.2 versions older than 24.2R2‑S2, 24.4 versions older than 24.4R2, and 25.2 versions older than 25.2R1‑S1 or 25.2R2.

Risk and Exploitability

The CVSS score of 6.8 indicates medium severity, but the absence of an EPSS score and a lack of listing in the KEV catalog suggest the vulnerability is not yet widely exploited. The attack requires local CLI access, which could be obtained by a user with low privileges on the device. Because the exploit triggers simply by running the vulnerable command, it is straightforward once local access exists, and the resulting impact is a short service disruption.

Generated by OpenCVE AI on April 9, 2026 at 23:24 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: 23.2R2-S6, 23.4R2-S7, 24.2R2-S2, 24.4R2, 25.2R1-S1, 25.2R2, 25.4R1, and all subsequent releases.

Vendor Workaround

Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators. Utilize CLI authorization to disallow execution of the 'show chassis' command.

OpenCVE Recommended Actions

  • Upgrade Junos OS to at least 23.2R2‑S6, 23.4R2‑S7, 24.2R2‑S2, 24.4R2, 25.2R1‑S1, 25.2R2, 25.4R1 or any newer release.
  • If an upgrade is not immediately possible, restrict CLI access to trusted hosts using access lists or firewall filters.
  • Configure CLI authorization to block execution of the 'show chassis' command for low‑privileged users.

Generated by OpenCVE AI on April 9, 2026 at 23:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://kb.juniper.net/JSA107873 cve-icon cve-icon
History

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Juniper Networks
Juniper Networks junos Os
Vendors & Products Juniper Networks
Juniper Networks junos Os

Thu, 09 Apr 2026 22:00:00 +0000

Type Values Removed Values Added
Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600:  * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S7 * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2, * 25.2 versions before 25.2R1-S1, 25.2R2.
Title Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes
Weaknesses CWE-754
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M'}

Subscriptions

Juniper Networks Junos Os
cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-04-09T21:37:31.411Z

Reserved: 2026-03-23T19:46:13.671Z

Link: CVE-2026-33787

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-09T22:16:28.387

Modified: 2026-04-09T22:16:28.387

Link: CVE-2026-33787

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:27:48Z

Weaknesses