SB2026050811 - Privilege escalation in Junos OS CLI

Description

This security bulletin contains information about 1 vulnerability.

1) UNIX symbolic link following (CVE-ID: CVE-2026-21916)

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a local user to escalate privileges to root.

The vulnerability exists due to unix symbolic link following in the CLI when performing a specific 'file link' operation and another user commits unrelated configuration changes. A local user can perform the crafted CLI operation to escalate privileges to root.

User interaction by another user is required to commit unrelated configuration changes after the 'file link' operation.

Remediation

Install update from vendor's website.

References

• https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916
• https://prsearch.juniper.net/problemreport/PR1865633