CVE-2026-21913

15.01.2026, 21:16

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

On EX4000 models with 48 ports (EX4000-48T, EX4000-48P, EX4000-48MP)a high volume of traffic destined to the device will cause an FXPC crash and restart, which leads to a complete service outage until the device has automatically restarted.




The following reboot reason can be seen in the output of 'show chassis routing-engine' and as a log message:

 reason=0x4000002 reason_string=0x4000002:watchdog + panic with core dump 




This issue affects Junos OS on EX4000-48T, EX4000-48P and EX4000-48MP:



  *  24.4 versions before 24.4R2,
  *  25.2 versions before 25.2R1-S2, 25.2R2.




This issue does not affect versions before 24.4R1 as the first Junos OS version for the EX4000 models was 24.4R1.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Vulnerability Media Exposure

[GERMAN] Juniper Junos OS, Junos Space: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS und Juniper Junos Space ausnutzen, um falsche Informationen darzustellen, beliebigen Code mit Root-Rechten auszuführen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-01-14T23:00:00+00:00

References

https://kb.juniper.net/JSA106014

https://supportportal.juniper.net/JSA106014