Vulnerability

CERT-In Vulnerability Note CIVN-2026-0055
Juniper Networks Junos OS and Junos OS Evolved denial of service Vulnerability

Original Issue Date:January 29, 2026

Severity Rating: HIGH

Software Affected

Junos OS:

from 23.2R2-S1 before 23.2R2-S5,
from 23.4R2 before 23.4R2-S6,
from 24.2 before 24.2R2-S3,
from 24.4 before 24.4R2-S1,
from 25.2 before 25.2R1-S2, 25.2R2;

Junos OS Evolved:

from 23.2R2-S1 before 23.2R2-S5-EVO,
from 23.4R2 before 23.4R2-S6-EVO,
from 24.2 before 24.2R2-S3-EVO,
from 24.4 before 24.4R2-S1-EVO,
from 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.

Overview

A use-after-free vulnerability has been reported in Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-adjacent attacker to crash the 802.1X dot1xd process or potentially execute arbitrary code as root, resulting in a Denial of Service.

Target Audience:
Network administrators, security engineers, SOC analysts, and IT operations teams responsible for managing and securing Juniper Networks Junos OS and Junos OS Evolved devices.

Risk Assessment:
High risks of service interruption and unauthorized access.

Impact Assessment:
Potential impact on confidentiality, integrity and availability of the system.

Description

This vulnerability exists in Juniper Networks Junos OS and Junos OS Evolved due to an use-after-free was identified in the 802.1X authentication daemon (dot1xd). An authenticated, network-adjacent attacker can exploit this vulnerability to execute arbitrary code within the context of the process which runs with root privileges.

Successful exploitation of this vulnerability could allow to an attacker to flap a port causing the dot1xd process to crash and resulting in a Denial of Service (DoS).

Solution

Apply appropriate updates as mentioned in:
The following software releases have been updated to resolve this specific issue:
Junos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.
Junos OS Evolved: 23.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO, 25.2R2-EVO, 25.4R1-EVO

Vendor Information

Juniper
https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Use-after-free-vulnerability-In-802-1X-authentication-daemon-can-cause-crash-of-the-dot1xd-process-CVE-2026-21908

References

CVE Name
CVE-2026-21908

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: info@cert-in.org.in
Phone: +91-11-22902657

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India