Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Jan 15, 2026

Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart

CVE-2026-21913

Description

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

On EX4000 models with 48 ports (EX4000-48T, EX4000-48P, EX4000-48MP) a high volume of traffic destined to the device will cause an FXPC crash and restart, which leads to a complete service outage until the device has automatically restarted.

The following reboot reason can be seen in the output of 'show chassis routing-engine' and as a log message:

reason=0x4000002 reason_string=0x4000002:watchdog + panic with core dump

This issue affects Junos OS on EX4000-48T, EX4000-48P and EX4000-48MP:

24.4 versions before 24.4R2,
25.2 versions before 25.2R1-S2, 25.2R2.

This issue does not affect versions before 24.4R1 as the first Junos OS version for the EX4000 models was 24.4R1.

Affected products

Juniper Networks/EX4000-48Tllm-create
Juniper Networks/Junosllm-fuzzy
Range: >=24.4R1, <24.4R2; >=25.2R1, <25.2R1-S2 or 25.2R2
Juniper Networks/Junos OSv5
Range: 24.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.juniper.net/JSA106014mitrevendor-advisory
supportportal.juniper.net/JSA106014mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000