SB2026050826 - Privilege escalation in Junos OS and Junos OS Evolved CLI

Description

This security bulletin contains information about 1 vulnerability.

1) Command injection (CVE-ID: CVE-2026-33791)

CWE-ID: CWE-77 - Command injection

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local privileged user to execute arbitrary shell commands as root.

The vulnerability exists due to command injection in the CLI processing of certain 'set system' commands when handling crafted CLI arguments. A local privileged user can execute specific crafted CLI commands to execute arbitrary shell commands as root.

The injected shell commands are executed with root privileges, which can result in complete compromise of the system.

Remediation

Install update from vendor's website.

References

• https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791
• https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H