CVE-2026-33788
Published: 09 April 2026
Summary
CVE-2026-33788 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces least privilege to prevent low-privilege local users from gaining unauthorized high-privilege direct access to FPCs.
Requires the system to enforce approved authorizations and authentication for logical access to critical functions like FPCs, blocking missing authentication exploits.
Addresses the specific missing authentication flaw in Junos OS Evolved through timely flaw remediation and patching to fixed versions.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a local privilege escalation (low-priv authenticated user gains high-priv FPC access) due to missing authentication for a critical function, directly matching exploitation of a software vulnerability for privilege escalation.
NVD Description
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.…
more
A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component. This issue affects Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO.
Deeper analysisAI
CVE-2026-33788 is a Missing Authentication for Critical Function vulnerability (CWE-306) in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series routers. It affects PTX10004, PTX10008, and PTX10016 devices equipped with JNP10K-LC1201 or JNP10K-LC1202 line cards. Vulnerable versions include all releases prior to 21.2R3-S8-EVO; 21.4-EVO prior to 21.4R3-S7-EVO; 22.2-EVO prior to 22.2R3-S4-EVO; 22.3-EVO prior to 22.3R3-S3-EVO; 22.4-EVO prior to 22.4R3-S2-EVO; and 23.2-EVO prior to 23.2R2-EVO. The issue has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), rated High.
A local, authenticated attacker with low privileges can exploit this vulnerability to gain direct access to the installed FPCs as a high-privileged user. This escalation can potentially lead to a full compromise of the affected FPC component.
Juniper's security advisory (JSA107806) details the vulnerability and recommends upgrading to one of the fixed releases listed above to mitigate the issue. Security practitioners should review the advisory for full patch details and verify configurations on affected PTX Series devices.
Details
- CWE(s)