Improper restriction of communication channel to intended endpoints in Junos OS Evolved - CVE-2026-57028
Published: July 8, 2026
Junos OS Evolved
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper restriction of communication channel to intended endpoints error. A remote non-authenticated attacker can cause license exhaustion.
Due to an incorrect initialization, a process which should only be able to communicate internally within the device, can be reached over the network via an open port.
This leads to unauthorized access to the license management.