Improper Initialization in Junos OS - CVE-2026-33773

 

Improper Initialization in Junos OS - CVE-2026-33773

Published: May 8, 2026


Vulnerability identifier: #VU130705
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-33773
CWE-ID: CWE-665
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Junos OS

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass egress filtering and send traffic that should have been blocked.

The vulnerability exists due to incorrect initialization of resource in the packet forwarding engine (pfe) when applying the same family inet or inet6 egress filter on both an IRB interface and a physical interface. A remote attacker can send network traffic to bypass one of the configured filters and send traffic that should have been blocked.

The issue occurs only when the same filter is configured as an output filter on both an IRB interface and a non-IRB interface.


How to mitigate CVE-2026-33773

Install security update from vendor's website.

Sources