Junos OS Evolved <23.2R2-EVO: Imp. Restr. of Comm Chnl (License Exhaustion)
CVE-2026-57028 Published on July 9, 2026
Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion.
Due to an incorrect initialization, a process which should only be able to communicate internally within the device, can be reached over the network via an open port. This leads to unauthorized access to the license management.
This issue affects all Junos OS Evolved versions before 23.2R2-EVO.
Vulnerability Analysis
CVE-2026-57028 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Weakness Type
Improper Restriction of Communication Channel to Intended Endpoints
The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.
Products Associated with CVE-2026-57028
Want to know whenever a new CVE is published for Juniper Networks Junos Os Evolved? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS Evolved:- Before 23.2R2-EVO is affected.