SB2026070868 - Firewall filters bypass in Junos OS



SB2026070868 - Firewall filters bypass in Junos OS

Published: July 8, 2026

Security Bulletin ID SB2026070868
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Adjecent network
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2026-57031)

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to bypass configured firewall filters.

The vulnerability exists due to improper check for unusual or exceptional conditions in the packet forwarding engine (PFE) when handling traffic from subscribers configured on static interfaces with an input filter. A remote attacker can send network traffic to bypass configured firewall filters.

Only MX Series devices with MPC10/11, LC4800/9600/4802, or MX304 hardware are affected, and exposure requires a configuration for static subscribers with an input filter.


Remediation

Install update from vendor's website.