Description
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.

A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.

This issue affects Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:




* All versions before 21.2R3-S8-EVO,
* 21.4-EVO versions before 21.4R3-S7-EVO,
* 22.2-EVO versions before 22.2R3-S4-EVO,
* 22.3-EVO versions before 22.3R3-S3-EVO,
* 22.4-EVO versions before 22.4R3-S2-EVO,
* 23.2-EVO versions before 23.2R2-EVO.
Published: 2026-04-09
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege escalation enabling full compromise
Action: Immediate Patch
AI Analysis

Impact

A missing authentication flaw in the Flexible PIC Concentrators of Juniper Networks Junos OS Evolved allows a local user with low privileges to bypass normal controls and obtain direct access to the installed FPCs as a high privileged user. This escalation can lead to a complete takeover of the affected component and, potentially, the overall device.

Affected Systems

The vulnerability affects Junos OS Evolved running on the PTX series devices PTX10004, PTX10008, and PTX100016 that are equipped with JNP10K-LC1201 or JNP10K-LC1202 modules. All firmware releases before 21.2R3‑S8‑EVO, the 21.4‑EVO series before 21.4R3‑S7‑EVO, the 22.2‑EVO series before 22.2R3‑S4‑EVO, the 22.3‑EVO series before 22.3R3‑S3‑EVO, the 22.4‑EVO series before 22.4R3‑S2‑EVO, and the 23.2‑EVO series before 23.2R2‑EVO are impacted.

Risk and Exploitability

With a CVSS score of 8.5, this issue poses a high severity risk; its EPSS score is not publicly available and it is not listed in the CISA KEV catalog. The attack requires local access and an authenticated low‑privileged account. By exploiting the missing authentication, the attacker can gain unauthorized high‑privilege access to the FPCs, potentially enabling full device compromise. Due to the local nature of the vector and the need for credentialed access, the exploitability is moderate to high within environments where low‑privilege users can interact with the device CLI.

Generated by OpenCVE AI on April 9, 2026 at 22:22 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.

Vendor Workaround

Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.

OpenCVE Recommended Actions

  • Apply a Junos OS Evolved release that includes the fix (21.2R3‑S8‑EVO or any later version)
  • Restrict CLI access using access lists or firewall filters so only trusted hosts and administrators can connect
  • If an upgrade is not immediately possible, limit exposure of local low‑privileged accounts or enforce stricter segregation of control functions

Generated by OpenCVE AI on April 9, 2026 at 22:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://kb.juniper.net/JSA107806 cve-icon cve-icon
History

Mon, 13 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Juniper Networks
Juniper Networks junos Os Evolved
Vendors & Products Juniper Networks
Juniper Networks junos Os Evolved

Thu, 09 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
Description A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component. This issue affects Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO.
Title Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs
Weaknesses CWE-306
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M'}

Subscriptions

Juniper Networks Junos Os Evolved
cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-04-13T13:04:16.251Z

Reserved: 2026-03-23T19:46:13.671Z

Link: CVE-2026-33788

cve-icon Vulnrichment

Updated: 2026-04-13T13:00:21.486Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-09T22:16:28.593

Modified: 2026-04-13T15:02:27.760

Link: CVE-2026-33788

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:28:17Z

Weaknesses