CVE-2026-33788

CWE-306Missing Authentication4 documents4 sources
Severity
8.5HIGH
EPSS
0.0%
top 96.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Networks Junos OS Evolved
Timeline
PublishedApr 9
Latest updateApr 10

Description

A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component. This issue affects Junos OS Evolved on PTX10004, PT

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L

Affected Packages1 packages

CVEListV5juniper_networks/junos_os_evolved21.4-EVO21.4R3-S7-EVO+5

🔴Vulnerability Details

3
GHSA
GHSA-w5q7-9fqr-f6hx: A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Seri2026-04-10
VulDB
Juniper Junos OS Evolved prior 23.2R2-EVO missing authentication (JSA107806)2026-04-10
CVEList
Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs2026-04-09
CVE-2026-33788 (HIGH CVSS 8.5) | A Missing Authentication for Critic | cvebase.io