CVE-2026-21913

CWE-665, CWE-1419
4 documents, 4 sources
Severity
8.7 HIGH
EPSS
0.0%
top 95.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jan 15

Description

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On EX4000 models with 48 ports (EX4000-48T, EX4000-48P, EX4000-48MP) a high volume of traffic destined to the device will cause an FXPC crash and restart, which leads to a complete service outage until the device has automatically restarted. The following reboot reason can

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5: juniper_networks/junos_os 24.4, 24.4R2 +1
NVD: juniper/junos 24.4, 25.2 +1

🔴 Vulnerability Details (2)

CVEList
Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart (2026-01-15)
GHSA
GHSA-p84c-pfqc-c27p: An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an una (2026-01-15)

📋 Vendor Advisories (1)

Juniper
CVE-2026-21913: An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an una (2026-01-15)