VYPR
Get started
← All advisories
Medium severity6.5NVD Advisory· Published Apr 9, 2026· Updated Apr 17, 2026

CVE-2026-33783

CVE-2026-33783

Description

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS).

If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured.

This issue affects Junos OS Evolved on PTX Series:

  • all versions before 22.4R3-S9-EVO,
  • 23.2 versions before 23.2R2-S6-EVO,
  • 23.4 versions before 23.4R2-S7-EVO,
  • 24.2 versions before 24.2R2-S4-EVO,
  • 24.4 versions before 24.4R2-S2-EVO,
  • 25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO.

Affected products

54
  • Juniper Networks/Junos Os Evolved54 versions
    cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*+ 53 more
    • cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*range: <22.4
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s7:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s4:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s5:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s5:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s6:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s3:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:r2:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:24.4:r2-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:25.2:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:25.2:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:25.2:r1-s1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos_os_evolved:25.2:r2:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.