SB2026070868 - Firewall filters bypass in Junos OS
Published: July 8, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2026-57031)
CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to bypass configured firewall filters.
The vulnerability exists due to improper check for unusual or exceptional conditions in the packet forwarding engine (PFE) when handling traffic from subscribers configured on static interfaces with an input filter. A remote attacker can send network traffic to bypass configured firewall filters.
Only MX Series devices with MPC10/11, LC4800/9600/4802, or MX304 hardware are affected, and exposure requires a configuration for static subscribers with an input filter.
Remediation
Install update from vendor's website.