CVE-2026-21902 · CRITICAL 9.8 · EPSS percentile 96.8%

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root.

The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, not over an externally exposed port. With the ability to access and manipulate the service to execute code as root, a remote attacker can take complete control of the device. Note that this service is enabled by default; no specific configuration is required.

This issue affects Junos OS Evolved on PTX Series:

  * 25.4 versions before 25.4R1-S1-EVO, 25.4R2-EVO.

This issue does not affect Junos OS Evolved versions before 25.4R1-EVO. This issue does not affect Junos OS.
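The affected-version statement above is narrow (one release train, EVO only, PTX only, with an earlier service release as the first fix), which is exactly where fleet triage scripts get it wrong. The following is an added example, not code from Juniper or from this page: a small parser for Junos-style version strings plus a predicate that encodes the range stated in the description. The version grammar it accepts (optional build suffix after the R and S numbers, optional -EVO tag), the `JunosVersion` type, the `is_affected`/`triage` helpers and the device inventory in `__main__` are all assumptions or constructed data.

```python
import re
from typing import List, NamedTuple, Tuple

# Assumed version grammar (not taken from the advisory):
#   <major>.<minor>R<release>[.<build>][-S<service>[.<build>]][-EVO]
# e.g. "25.4R1-EVO", "25.4R1-S1-EVO", "25.4R1.3-EVO", "25.4R1" (Junos OS, non-EVO).
# Build numbers are parsed but ignored for comparison.
_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)"
    r"R(?P<release>\d+)(?:\.\d+)?"
    r"(?:-S(?P<service>\d+)(?:\.\d+)?)?"
    r"(?P<evo>-EVO)?$"
)


class JunosVersion(NamedTuple):
    major: int
    minor: int
    release: int
    service: int      # 0 when there is no -S suffix
    evolved: bool     # True for Junos OS Evolved (-EVO)


def parse_version(text: str) -> JunosVersion:
    """Parse a Junos / Junos Evolved version string into comparable fields."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {text!r}")
    return JunosVersion(
        int(m["major"]), int(m["minor"]), int(m["release"]),
        int(m["service"] or 0), m["evo"] is not None,
    )


# First fixed release on the 25.4 train named in the CVE description.
FIRST_FIXED_25_4 = parse_version("25.4R1-S1-EVO")


def is_affected(version: str, platform: str) -> bool:
    """True when (version, platform) falls inside the range stated in the
    CVE-2026-21902 description:
      - Junos OS Evolved only (Junos OS is not affected)
      - PTX Series only
      - 25.4 releases before 25.4R1-S1-EVO (25.4R2-EVO is also fixed)
      - EVO releases before 25.4R1-EVO are not affected
    Anything outside those statements is treated as not affected."""
    v = parse_version(version)
    if not v.evolved:
        return False                      # Junos OS, not Evolved
    if not platform.upper().startswith("PTX"):
        return False                      # advisory scopes the issue to PTX Series
    if (v.major, v.minor) != (25, 4):
        return False                      # only the 25.4 train is listed
    return (v.release, v.service) < (FIRST_FIXED_25_4.release, FIRST_FIXED_25_4.service)


def triage(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Given [(hostname, platform, version), ...], return hosts needing the fix."""
    return [host for host, platform, version in inventory if is_affected(version, platform)]


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are not real devices.
    sample = [
        ("ptx-core-1", "PTX10008", "25.4R1-EVO"),      # affected
        ("ptx-core-2", "PTX10008", "25.4R1-S1-EVO"),   # first fixed release
        ("ptx-edge-1", "PTX10001", "25.4R1.3-EVO"),    # affected, build suffix ignored
        ("ptx-old-1",  "PTX10003", "25.2R2-EVO"),      # before 25.4R1-EVO, not affected
        ("mx-pe-1",    "MX304",    "25.4R1"),          # Junos OS, not affected
        ("acx-1",      "ACX7100",  "25.4R1-EVO"),      # EVO but not PTX, out of scope
    ]
    for host in triage(sample):
        print(f"{host}: affected by CVE-2026-21902; upgrade to 25.4R1-S1-EVO or 25.4R2-EVO")
```

The predicate deliberately returns False for anything the advisory does not name (for example a 26.x EVO release); if a later advisory revision widens the range, `is_affected` is the one place to change.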

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 17.71% probability of exploitation · percentile 96.8% · 2026-06-18T12:00:27Z
Published: 2026-02-25
Last modified: 2026-03-30

Underlying weaknesses (1)

CWE-732

References

  1. https://kb.juniper.net/JSA107128
  2. https://supportportal.juniper.net/JSA107128
  3. https://github.com/watchtowrlabs/watchTowr-vs-JunosEvolved-CVE-2026-21902/blob/main/watchTowr-vs-JunosEvolved-CVE-2026-21902.py

Type     | Target                                                          | Confidence | Tier
Weakness | Incorrect Permission Assignment for Critical Resource (CWE-732) | 0%         | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  * CVE: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
  * CVE: CVE-2026-33785
  * CVE: CVE-2026-0261
  * CVE: CVE-2026-0272
  * CVE: CVE-2026-21956
  * CVE: CVE-2026-0273

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.