Ethical Hacking News
Juniper has issued an emergency patch for a critical remote code execution (RCE) vulnerability in its Junos OS Evolved operating system, affecting PTX routers. The vulnerability allows unauthenticated attackers to execute code as root, prompting network administrators to apply the patch promptly to protect their infrastructure.
Juniper Networks has issued an emergency patch to address a critical remote code execution (RCE) vulnerability in its Junos OS Evolved operating system, tracked as CVE-2026-21902.
The RCE flaw resides in the On-Box Anomaly Detection framework of Junos OS Evolved on PTX Series routers, allowing unauthenticated remote attackers to execute code as root.
Customers must apply the patch promptly to protect their network infrastructure from potential exploitation, with limited access options available until the patch is applied.
Affected versions include 25.4R1-S1-EVO and 25.4R2-EVO; earlier releases or standard Junos OS are not impacted by this vulnerability.
Juniper Networks, a leading provider of network infrastructure solutions, has issued an emergency patch to address a critical remote code execution (RCE) vulnerability in its Junos OS Evolved operating system. The vulnerability, tracked as CVE-2026-21902, has been rated with a CVSS score of 9.3, indicating that it is highly severe and poses significant risks to network administrators.
The RCE flaw resides in the On-Box Anomaly Detection framework of Junos OS Evolved on PTX Series routers and allows unauthenticated remote attackers to execute code as root. The flaw stems from incorrect permissions, and exploiting it lets an attacker take complete control of the device. The service is enabled by default and should only be accessible to internal processes over a secure routing instance.
Juniper discovered this critical vulnerability internally during product security testing and research, but reports no active exploitation at present. However, the company stresses that customers must apply the patch promptly to protect their network infrastructure from potential exploitation.
Juniper's advisory emphasizes that limiting access to the vulnerable service using ACLs or firewall filters can help prevent unauthorized access. Alternatively, disabling the service entirely with the command "request pfe anomalies disable" can serve as a workaround until the patch is applied.
The affected versions of Junos OS Evolved include 25.4R1-S1-EVO and 25.4R2-EVO; however, earlier releases or standard Junos OS are not impacted by this vulnerability. It's essential for network administrators to verify their device configurations and apply the patch as soon as possible.
Juniper urges all customers to apply the emergency patch for CVE-2026-21902 without delay to safeguard against potential exploitation of this critical RCE vulnerability. Furthermore, the company recommends that users limit access to the vulnerable service using ACLs or firewall filters to prevent unauthorized access.
The discovery of this critical vulnerability highlights the importance of ongoing security testing and research by network equipment manufacturers. It also underscores the need for proactive patching and configuration management practices among network administrators to ensure the integrity and security of their networks.
Related Information:
https://www.ethicalhackingnews.com/articles/Juniper-Urgently-Addresses-Critical-PTX-Router-RCE-Vulnerability-A-Wake-Up-Call-for-Network-Administrators-ehn.shtml
https://securityaffairs.com/188609/security/juniper-issues-emergency-patch-for-critical-ptx-router-rce.html
https://nvd.nist.gov/vuln/detail/CVE-2026-21902
https://www.cvedetails.com/cve/CVE-2026-21902/
Published: Fri Feb 27 07:11:02 2026 by llama3.2 3B Q4_K_M