CVE-2026-33786: CWE-754 Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1600, SRX2300 and SRX4300: * 24.4 versions before 24.4R1-S3, 24.4R2. This issue does not affect Junos OS versions before 24.4R1.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-33786) in Juniper Networks Junos OS arises from an improper check for unusual or exceptional conditions (CWE-754) within the chassis control daemon (chassisd) on SRX1600, SRX2300, and SRX4300 devices. When a specific 'show chassis' CLI command is executed by a local user with low privileges, it causes the chassisd process to crash and restart. This leads to a temporary denial of service impacting all traffic until the system modules fully recover. The issue affects Junos OS 24.4 versions prior to 24.4R1-S3 and 24.4R2, but not versions before 24.4R1. The CVSS 3.1 base score is 5.5, reflecting a medium severity with local attack vector, low complexity, low privileges required, no user interaction, and impact limited to availability. Juniper manages remediation for this cloud-hosted service, and a patch is available.
Potential Impact
A local attacker with low privileges can cause a temporary denial of service by crashing the chassis control daemon (chassisd) via a specific CLI command. This results in momentary traffic disruption until all modules restart and come back online. There is no impact on confidentiality or integrity, only availability is affected. No known exploits are reported in the wild.
Mitigation Recommendations
A patch is available for this vulnerability. Since Junos OS is offered as a cloud service, Juniper Networks manages remediation server-side. Users should verify with Juniper's official advisory for patch deployment status and apply updates accordingly to affected versions 24.4 before 24.4R1-S3 and 24.4R2. No additional mitigation actions are specified.
CVE-2026-33786: CWE-754 Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1600, SRX2300 and SRX4300: * 24.4 versions before 24.4R1-S3, 24.4R2. This issue does not affect Junos OS versions before 24.4R1.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-33786) in Juniper Networks Junos OS arises from an improper check for unusual or exceptional conditions (CWE-754) within the chassis control daemon (chassisd) on SRX1600, SRX2300, and SRX4300 devices. When a specific 'show chassis' CLI command is executed by a local user with low privileges, it causes the chassisd process to crash and restart. This leads to a temporary denial of service impacting all traffic until the system modules fully recover. The issue affects Junos OS 24.4 versions prior to 24.4R1-S3 and 24.4R2, but not versions before 24.4R1. The CVSS 3.1 base score is 5.5, reflecting a medium severity with local attack vector, low complexity, low privileges required, no user interaction, and impact limited to availability. Juniper manages remediation for this cloud-hosted service, and a patch is available.
Potential Impact
A local attacker with low privileges can cause a temporary denial of service by crashing the chassis control daemon (chassisd) via a specific CLI command. This results in momentary traffic disruption until all modules restart and come back online. There is no impact on confidentiality or integrity, only availability is affected. No known exploits are reported in the wild.
Mitigation Recommendations
A patch is available for this vulnerability. Since Junos OS is offered as a cloud service, Juniper Networks manages remediation server-side. Users should verify with Juniper's official advisory for patch deployment status and apply updates accordingly to affected versions 24.4 before 24.4R1-S3 and 24.4R2. No additional mitigation actions are specified.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- juniper
- Date Reserved
- 2026-03-23T19:46:13.670Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
Threat ID: 69d843751cc7ad14da3fb553
Added to database: 4/10/2026, 12:25:25 AM
Last enriched: 4/17/2026, 11:59:03 AM
Last updated: 5/24/2026, 11:14:02 PM
Views: 62
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.