CVE-2026-21902 — Incorrect Permission Assignment in Juniper Networks Junos OS Evolved
Severity
9.3 CRITICAL (NVD)
EPSS
0.3%
top 47.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Feb 25
Latest update: Mar 3
Description
An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root.
The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote atta…
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L
Affected Packages: 2 packages
🔴 Vulnerability Details (3)
CVEList
Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root (2026-02-25)
GHSA
GHSA-5w57-gjvc-whwc: An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved (2026-02-25)
🔍 Detection Rules (4)
Suricata
ET WEB_SPECIFIC_APPS Juniper PTX Series On-Box Anomaly Detection Framwork Command Injection Attempt (CVE-2026-21902) M1 (2026-03-03)
Suricata
ET WEB_SPECIFIC_APPS Juniper PTX Series On-Box Anomaly Detection Framwork Command Injection Attempt (CVE-2026-21902) M2 (2026-03-03)
Suricata
ET WEB_SPECIFIC_APPS Juniper PTX Series On-Box Anomaly Detection Framwork Command Injection Attempt (CVE-2026-21902) M3 (2026-03-03)
Suricata
ET WEB_SPECIFIC_APPS Juniper PTX Series On-Box Anomaly Detection Framwork Command Injection Attempt (CVE-2026-21902) M4 (2026-03-03)
📋 Vendor Advisories (1)
Juniper
CVE-2026-21902: An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved (2026-02-25)