Cyber Posture

CVE-2026-33790

Severity: High
Published: 09 April 2026
Modified: 17 April 2026
KEV Added: not listed
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0006 (17.2nd percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-33790 is a high-severity Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in Juniper Junos. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 17.2nd percentile by EPSS exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Application or System Exploitation (T1499.004). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- prevent: Requires validation of incoming ICMPv6 packets during NAT64 translation to reject malformed ones and prevent srxpfe process crashes.
- prevent: Protects against denial-of-service events by limiting the impact of repeated malformed ICMPv6 packets causing sustained srxpfe process restarts.
- prevent: Ensures secure error handling for unusual conditions like malformed ICMPv6 packets to avoid compromising availability through crashes.

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact): Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

A malformed ICMPv6 packet triggers the improper condition check, crashing and restarting the srxpfe process; continued delivery of such packets keeps the process cycling, which maps directly to application/system exploitation for a sustained DoS against the device.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and processing of these packets will repeatedly crash the srxpfe process and sustain the Denial of Service (DoS) condition. During NAT64 translation, receipt of a specific, malformed ICMPv6 packet destined to the device will cause the srxpfe process to crash and restart. This issue cannot be triggered using IPv4 nor other IPv6 traffic. This issue affects Junos OS on SRX Series:

* all versions before 21.2R3-S10,
* all versions of 21.3,
* from 21.4 before 21.4R3-S12,
* all versions of 22.1,
* from 22.2 before 22.2R3-S8,
* all versions of 22.4,
* from 22.4 before 22.4R3-S9,
* from 23.2 before 23.2R2-S6,
* from 23.4 before 23.4R2-S7,
* from 24.2 before 24.2R2-S3,
* from 24.4 before 24.4R2-S3,
* from 25.2 before 25.2R1-S2, 25.2R2.

Deeper analysis

CVE-2026-33790 is an Improper Check for Unusual or Exceptional Conditions vulnerability (CWE-754) in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series devices. The issue occurs during NAT64 translation when the device receives a specific malformed ICMPv6 packet destined to it, causing the srxpfe process to crash and restart. This vulnerability cannot be triggered using IPv4 traffic or other types of IPv6 traffic. It affects Junos OS on SRX Series across multiple versions, including all versions prior to 21.2R3-S10, all 21.3 versions, 21.4 prior to 21.4R3-S12, all 22.1 versions, 22.2 prior to 22.2R3-S8, all 22.4 versions prior to 22.4R3-S9, 23.2 prior to 23.2R2-S6, 23.4 prior to 23.4R2-S7, 24.2 prior to 24.2R2-S3, 24.4 prior to 24.4R2-S3, and 25.2 prior to 25.2R1-S2 or 25.2R2.

A network-accessible attacker with no privileges required can exploit this vulnerability by sending the malformed ICMPv6 packet to a vulnerable SRX Series device performing NAT64 translation. A single packet triggers an srxpfe process crash and restart, while continued transmission of such packets sustains a denial-of-service condition by repeatedly crashing the process. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high availability impact with low complexity and no user interaction needed.

The Juniper security advisory at https://kb.juniper.net/JSA107874 provides details on affected versions and recommended patches, such as upgrading to fixed releases like 21.2R3-S10 and later where applicable. Security practitioners should consult this advisory for precise mitigation steps and verification procedures.
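To turn the affected-version list above into a check a defender can run against the version reported by an SRX, here is an added example; it is not Juniper's tooling or code from this page. It assumes Junos version strings of the common form MAJOR.MINOR R n [-S m] (optionally with a trailing build number) and encodes only the ranges this page lists.

```python
"""Check a Junos OS (SRX) version against the CVE-2026-33790 affected ranges
listed on this page. Added example, not Juniper's own code. Assumes the
common MAJOR.MINORRn[-Sm] version form; other release types are rejected."""
import re

# Fixed service releases per train, taken from the advisory text above.
# None means the page lists the whole train as affected with no fix in it.
# 22.4: the NVD text lists both "all versions of 22.4" and "before 22.4R3-S9";
# the fixed release is used here, matching the page's deeper analysis.
FIXED_BY_TRAIN = {
    (21, 2): "21.2R3-S10",   # also covers every train older than 21.2
    (21, 3): None,
    (21, 4): "21.4R3-S12",
    (22, 1): None,
    (22, 2): "22.2R3-S8",
    (22, 4): "22.4R3-S9",
    (23, 2): "23.2R2-S6",
    (23, 4): "23.4R2-S7",
    (24, 2): "24.2R2-S3",
    (24, 4): "24.4R2-S3",
    (25, 2): "25.2R1-S2",    # 25.2R2 sorts above this and is also fixed
}

_VER_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse_junos(version):
    """Return (major, minor, R, S) for e.g. '22.4R3-S9' or '21.2R3.9'."""
    m = _VER_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    major, minor, r, s = m.groups()
    return (int(major), int(minor), int(r), int(s or 0))


def is_affected(version):
    """True if the version falls inside an affected range from this page.
    Trains the page does not list (e.g. 23.1) return False, meaning 'not
    listed'; only SRX devices performing NAT64 are exposed in any case."""
    major, minor, r, s = parse_junos(version)
    train = (major, minor)
    if train < (21, 2):
        return True                      # "all versions before 21.2R3-S10"
    if train not in FIXED_BY_TRAIN:
        return False
    fixed = FIXED_BY_TRAIN[train]
    if fixed is None:
        return True                      # whole train affected, no fix in it
    return (r, s) < parse_junos(fixed)[2:]
```

Feed it the release string from the device's version output; a True result on an SRX with NAT64 configured means the upgrade path in the advisory applies.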

Details

CWE(s): CWE-754 Improper Check for Unusual or Exceptional Conditions

Affected Products: Juniper Junos 21.2, 21.3, 21.4, 22.1, 22.2 · ≤ 21.2

CVEs Like This One

Same product (Juniper Junos): CVE-2026-21906, CVE-2026-21920, CVE-2026-21917, CVE-2026-21914, CVE-2026-21905, CVE-2026-21918, CVE-2026-33778, CVE-2025-60003, CVE-2025-59960, CVE-2025-21598

References