CVE-2026-33783

EUVD-2026-21201

09.04.2026, 22:16

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS).


If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured.


This issue affects Junos OS Evolved on PTX Series: 



  *  all versions before 22.4R3-S9-EVO,
  *  23.2 versions before 23.2R2-S6-EVO,
  *  23.4 versions before 23.4R2-S7-EVO,
  *  24.2 versions before 24.2R2-S4-EVO,
  *  24.4 versions before 24.4R2-S2-EVO,
  *  25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-686 - Function Call With Incorrect Argument Type
The software calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.

References

https://kb.juniper.net/JSA107870