Junos OS Evolved V<23.4R2: Improper Channel Restriction (Info Leak)
CVE-2026-33803 Published on July 9, 2026
Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device.
Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets.
This issue affects Junos OS Evolved:
* all versions before 23.2R2-S7-EVO,
* 23.4 versions before 23.4R2-S8-EVO,
* 24.2 versions before 24.2R2-S5-EVO,
* 24.4 versions before 24.4R2-S4-EVO,
* 25.2 versions before 25.2R2-S1-EVO,
* 25.4 versions before 25.4R1-S2-EVO.
Vulnerability Analysis
CVE-2026-33803 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.
Weakness Type
Improper Restriction of Communication Channel to Intended Endpoints
The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.
Products Associated with CVE-2026-33803
Want to know whenever a new CVE is published for Juniper Networks Junos Os Evolved? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS Evolved:- Before 23.2R2-S7-EVO is affected.
- Version 23.4 and below 23.4R2-S8-EVO is affected.
- Version 24.2 and below 24.2R2-S5-EVO is affected.
- Version 24.4 and below 24.4R2-S4-EVO is affected.
- Version 25.2 and below 25.2R2-S1-EVO is affected.
- Version 25.4 and below 25.4R1-S2-EVO is affected.