{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33778", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2026-03-23T19:46:13.669Z", "datePublished": "2026-04-09T21:35:10.585Z", "dateUpdated": "2026-04-10T14:11:42.844Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["SRX Series", "MX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "22.4R3-S9", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "23.2R2-S6", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R2-S7", "status": "affected", "version": "23.4", "versionType": "semver"}, {"lessThan": "24.2R2-S4", "status": "affected", "version": "24.2", "versionType": "semver"}, {"lessThan": "24.4R2-S3", "status": "affected", "version": "24.4", "versionType": "semver"}, {"lessThan": "25.2R1-S2, 25.2R2", "status": "affected", "version": "25.2", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An SRX or MX device is only exploitable when it is configured for IPsec VPN services."}], "value": "An SRX or MX device is only exploitable when it is configured for IPsec VPN services."}], "datePublic": "2026-04-08T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).<br><br>If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.<br><br><p>This issue affects Junos OS on \n\nSRX Series and MX Series:</p><p></p><ul><li>all versions before 22.4R3-S9,</li><li>23.2 version before 23.2R2-S6,</li><li>23.4 version before 23.4R2-S7,</li><li>24.2 versions before 24.2R2-S4,</li><li>24.4 versions before 24.4R2-S3,</li><li>25.2 versions before 25.2R1-S2, 25.2R2.</li></ul><p></p><p><br></p>"}], "value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).\n\nIf an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.\n\nThis issue affects Junos OS on \n\nSRX Series and MX Series:\n\n\n\n * all versions before 22.4R3-S9,\n * 23.2 version before 23.2R2-S6,\n * 23.4 version before 23.4R2-S7,\n * 24.2 versions before 24.2R2-S4,\n * 24.4 versions before 24.4R2-S3,\n * 25.2 versions before 25.2R1-S2, 25.2R2."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1286", "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2026-04-09T21:35:10.585Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://kb.juniper.net/JSA107868"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S9, 23.2R2-S6, 23.4R2-S7, 24.2R2-S4, 24.4R2-S3, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S9, 23.2R2-S6, 23.4R2-S7, 24.2R2-S4, 24.4R2-S3, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases."}], "source": {"advisory": "JSA107868", "defect": ["1909025"], "discovery": "USER"}, "title": "Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T14:10:45.560654Z", "id": "CVE-2026-33778", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:11:42.844Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33778", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T14:10:45.560654Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:10:59.833Z"}}], "cna": {"title": "Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes", "source": {"defect": ["1909025"], "advisory": "JSA107868", "discovery": "USER"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "22.4R3-S9", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S6", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2-S7", "versionType": "semver"}, {"status": "affected", "version": "24.2", "lessThan": "24.2R2-S4", "versionType": "semver"}, {"status": "affected", "version": "24.4", "lessThan": "24.4R2-S3", "versionType": "semver"}, {"status": "affected", "version": "25.2", "lessThan": "25.2R1-S2, 25.2R2", "versionType": "semver"}], "platforms": ["SRX Series", "MX Series"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S9, 23.2R2-S6, 23.4R2-S7, 24.2R2-S4, 24.4R2-S3, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S9, 23.2R2-S6, 23.4R2-S7, 24.2R2-S4, 24.4R2-S3, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.", "base64": false}]}], "datePublic": "2026-04-08T16:00:00.000Z", "references": [{"url": "https://kb.juniper.net/JSA107868", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).\n\nIf an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.\n\nThis issue affects Junos OS on \n\nSRX Series and MX Series:\n\n\n\n * all versions before 22.4R3-S9,\n * 23.2 version before 23.2R2-S6,\n * 23.4 version before 23.4R2-S7,\n * 24.2 versions before 24.2R2-S4,\n * 24.4 versions before 24.4R2-S3,\n * 25.2 versions before 25.2R1-S2, 25.2R2.", "supportingMedia": [{"type": "text/html", "value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).<br><br>If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.<br><br><p>This issue affects Junos OS on \n\nSRX Series and MX Series:</p><p></p><ul><li>all versions before 22.4R3-S9,</li><li>23.2 version before 23.2R2-S6,</li><li>23.4 version before 23.4R2-S7,</li><li>24.2 versions before 24.2R2-S4,</li><li>24.4 versions before 24.4R2-S3,</li><li>25.2 versions before 25.2R1-S2, 25.2R2.</li></ul><p></p><p><br></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1286", "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input"}]}], "configurations": [{"lang": "en", "value": "An SRX or MX device is only exploitable when it is configured for IPsec VPN services.", "supportingMedia": [{"type": "text/html", "value": "An SRX or MX device is only exploitable when it is configured for IPsec VPN services.", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2026-04-09T21:35:10.585Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33778", "state": "PUBLISHED", "dateUpdated": "2026-04-10T14:11:42.844Z", "dateReserved": "2026-03-23T19:46:13.669Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2026-04-09T21:35:10.585Z", "assignerShortName": "juniper"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS).\n\nIf an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections.\n\nThis issue affects Junos OS on \n\nSRX Series and MX Series:\n\n\n\n * all versions before 22.4R3-S9,\n * 23.2 version before 23.2R2-S6,\n * 23.4 version before 23.4R2-S7,\n * 24.2 versions before 24.2R2-S4,\n * 24.4 versions before 24.4R2-S3,\n * 25.2 versions before 25.2R1-S2, 25.2R2."}], "id": "CVE-2026-33778", "lastModified": "2026-04-09T22:16:26.500", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2026-04-09T22:16:26.500", "references": [{"source": "sirt@juniper.net", "url": "https://kb.juniper.net/JSA107868"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1286"}], "source": "sirt@juniper.net", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,22.4R3-S9)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[23.2,23.2R2-S6)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[23.4,23.4R2-S7)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[24.2,24.2R2-S4)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[24.4,24.4R2-S3)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[25.2,25.2R1-S2)"}}, {"platform": ["srx_series", "mx_series"], "status": "affected", "versions": {"scheme": "generic", "value": "[25.2,25.2R2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Junos OS", "source": "cna", "vendor": "Juniper Networks"}, "product": "junos_os", "vendor": "juniper_networks"}], "analysis": {"en": {"generated_at": "2026-04-09T23:25:58.969150+00:00", "value": {"mitigation_remediation": ["Apply the Juniper Junos\u00a0OS update that includes the fix, such as 22.4R3\u2011S9, 23.2R2\u2011S6, 23.4R2\u2011S7, 24.2R2\u2011S4, 24.4R2\u2011S3, or 25.2R1\u2011S2/25.2R2 and later releases.", "If patching cannot be performed immediately, monitor VPN connections for repeated IKE session failures and consider isolating the affected device to prevent prolonged VPN disruption."], "summary": {"action": "Immediate Patch", "impact": "Denial-of-Service via IKE packet crash"}, "threat_synthesis": {"affected_systems": "Juniper Networks Junos\u00a0OS on SRX Series and MX Series devices are affected. Any release prior to 22.4R3\u2011S9, 23.2R2\u2011S6, 23.4R2\u2011S7, 24.2R2\u2011S4, 24.4R2\u2011S3, or 25.2R1\u2011S2/25.2R2 is vulnerable. All subsequent releases contain the correction and are immune.", "description_and_impact": "The vulnerability is an improper validation of syntactically correct input in the IPsec library used by Juniper\u2019s kmd and iked processes. When a malformed first ISAKMP packet is received from an initiator, the kmd/iked service crashes and restarts. This crash temporarily blocks the establishment of new security associations, and repeated exploitation can lead to a complete inability to form new VPN connections, effectively causing a denial of service. The flaw permits an unauthenticated, network\u2011based attacker to trigger the reset without needing any privileged access.", "risk_and_exploitability": "The CVSS base score of 8.7 indicates high severity, though EPSS data is unavailable and the vulnerability is not listed in CISA\u2019s KEV catalog. The attack vector is network\u2011based and does not require authentication, so any host within the device\u2019s reach could send a crafted IKE packet to trigger a crash. Because the flaw causes a DoS condition, the risk to service availability is significant, especially for organizations relying on SRX or MX series VPN connectivity."}}}}, "created": "2026-04-10T08:36:56.384974+00:00", "updated": "2026-04-10T09:27:53.966833+00:00", "vendors": ["juniper_networks", "juniper_networks$PRODUCT$junos_os"]}