CVE-2026-33779: CWE-296 Improper Following of a Certificate's Chain of Trust in Juniper Networks Junos OS
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect to Security Director (SD) cloud, it doesn't perform sufficient verification of the received server certificate. This allows a PITM to intercept the communication between the SRX and SD cloud and access credentials and other sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S9, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S7, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S2, * 25.2 versions before 25.2R1-S2, 25.2R2.
AI Analysis
Technical Summary
This vulnerability (CWE-296) involves Junos OS SRX devices not properly verifying the chain of trust for server certificates when connecting to the Security Director cloud. This insufficient verification enables a PITM attacker to intercept and access sensitive information, including credentials, and potentially alter data in transit. Affected versions include all releases before 22.4R3-S9, 23.2 versions before 23.2R2-S6, 23.4 versions before 23.4R2-S7, 24.2 versions before 24.2R2-S3, 24.4 versions before 24.4R2-S2, and 25.2 versions before 25.2R1-S2 and 25.2R2. The vulnerability is rated medium severity with a CVSS 3.1 score of 6.5 (Network attack vector, High attack complexity, No privileges required, No user interaction, Unchanged scope, High confidentiality impact, Low integrity impact, No availability impact). Juniper manages remediation for this cloud-hosted service, and a patch is available.
Potential Impact
Successful exploitation allows a proxy-in-the-middle attacker to intercept communications between SRX devices and the Security Director cloud, gaining access to confidential information such as credentials and potentially modifying data. This compromises confidentiality and partially impacts integrity but does not affect availability. The medium CVSS score reflects this moderate impact.
Mitigation Recommendations
A patch is available from Juniper Networks to address this vulnerability. Since the affected component is a cloud service, Juniper manages remediation on the server side. Users should ensure their devices are updated to the fixed versions listed (22.4R3-S9 or later, 23.2R2-S6 or later, 23.4R2-S7 or later, 24.2R2-S3 or later, 24.4R2-S2 or later, 25.2R1-S2 or later). Check the vendor advisory for the latest patch and update instructions.
CVE-2026-33779: CWE-296 Improper Following of a Certificate's Chain of Trust in Juniper Networks Junos OS
Description
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect to Security Director (SD) cloud, it doesn't perform sufficient verification of the received server certificate. This allows a PITM to intercept the communication between the SRX and SD cloud and access credentials and other sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S9, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S7, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S2, * 25.2 versions before 25.2R1-S2, 25.2R2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CWE-296) involves Junos OS SRX devices not properly verifying the chain of trust for server certificates when connecting to the Security Director cloud. This insufficient verification enables a PITM attacker to intercept and access sensitive information, including credentials, and potentially alter data in transit. Affected versions include all releases before 22.4R3-S9, 23.2 versions before 23.2R2-S6, 23.4 versions before 23.4R2-S7, 24.2 versions before 24.2R2-S3, 24.4 versions before 24.4R2-S2, and 25.2 versions before 25.2R1-S2 and 25.2R2. The vulnerability is rated medium severity with a CVSS 3.1 score of 6.5 (Network attack vector, High attack complexity, No privileges required, No user interaction, Unchanged scope, High confidentiality impact, Low integrity impact, No availability impact). Juniper manages remediation for this cloud-hosted service, and a patch is available.
Potential Impact
Successful exploitation allows a proxy-in-the-middle attacker to intercept communications between SRX devices and the Security Director cloud, gaining access to confidential information such as credentials and potentially modifying data. This compromises confidentiality and partially impacts integrity but does not affect availability. The medium CVSS score reflects this moderate impact.
Mitigation Recommendations
A patch is available from Juniper Networks to address this vulnerability. Since the affected component is a cloud service, Juniper manages remediation on the server side. Users should ensure their devices are updated to the fixed versions listed (22.4R3-S9 or later, 23.2R2-S6 or later, 23.4R2-S7 or later, 24.2R2-S3 or later, 24.4R2-S2 or later, 25.2R1-S2 or later). Check the vendor advisory for the latest patch and update instructions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- juniper
- Date Reserved
- 2026-03-23T19:46:13.669Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
Threat ID: 69d843721cc7ad14da3fb40d
Added to database: 4/10/2026, 12:25:22 AM
Last enriched: 4/10/2026, 12:51:46 AM
Last updated: 4/10/2026, 7:39:40 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.