This vulnerability (CVE-2026-33787) is due to an improper check for unusual or exceptional conditions (CWE-754) in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200, and SRX4600 devices. When a specific 'show chassis' CLI command is executed by a local user with low privileges, it causes the chassisd process to crash and restart, leading to a momentary Denial of Service affecting all traffic until the system modules are fully operational again. The affected Junos OS versions include 23.2 versions before 23.2R2-S6, 23.4 versions before 23.4R2-S7, 24.2 versions before 24.2R2-S2, 24.4 versions before 24.4R2, and 25.2 versions before 25.2R1-S1 and 25.2R2. The CVSS v3.1 base score is 5.5, reflecting a medium severity with local attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, no confidentiality or integrity impact, but high impact on availability.

A local attacker with low privileges can cause a complete Denial of Service by triggering a crash and restart of the chassis control daemon (chassisd) via a specific 'show chassis' CLI command. This causes a temporary disruption of all network traffic handled by the affected Junos OS devices until the system modules are back online. There is no impact on confidentiality or integrity.

Patch status is not yet confirmed — check the Juniper Networks vendor advisory for current remediation guidance. Until a patch or official fix is available, restrict local access to the affected devices to trusted administrators only to prevent exploitation. Monitor for any updates from Juniper Networks regarding fixes or workarounds.